Junos OS Release 19.4R3 User Manual

Download

Release Notes: Junos®OS Release 19.4R3 for

the ACX Series, cRPD, EX Series, JRR Series,

Junos Fusion, MX Series, NFX Series, PTX

Series, QFX Series, SRX Series, vMX, vRR, and

vSRX

22 April 2021

Introduction | 12

Junos OS Release Notes for ACX Series | 12

What's New | 13

What's New in Release 19.4R3 | 13

What’s Changed in 19.4R2-S2 | 14

What's New in Release 19.4R2 | 14

What's New in Release 19.4R1 | 16

What's Changed | 21

What’s Changed in 19.4R3 | 21

What’s Changed in 19.4R2 | 21

What’s Changed in 19.4R1 | 22

Known Limitations | 22

General Routing | 23

Open Issues | 24

General Routing | 24

Platform and Infrastructure | 27

Virtual Chassis | 27

Resolved Issues | 27

Resolved Issues: 19.4R3 | 28

Resolved Issues: 19.4R2 | 29

Resolved Issues: 19.4R1 | 30

Documentation Updates | 33

Feature Guides Are Renamed As User Guides | 33

Migration, Upgrade, and Downgrade Instructions | 33

Upgrade and Downgrade Support Policy for Junos OS Releases | 34

Junos OS Release Notes for cRPD | 35

What’s New | 35

What's Changed | 35

Known Limitations | 35

Open Issues | 36

Resolved Issues | 36

Junos OS Release Notes for EX Series Switches | 36

What's New | 37

What's New in 19.4R3 | 37

What's New in 19.4R2 | 37

What's New in 19.4R1 | 38

What's Changed | 47

What's Changed in 19.4R3 | 48

What's Changed in 19.4R2 | 48

What's Changed in 19.4R1 | 49

Known Limitations | 50

Platform and Infrastructure | 50

Open Issues | 51

Infrastructure | 51

Interfaces and Chassis | 52

Layer 2 Features | 52

Platform and Infrastructure | 52

Routing Protocols | 53

Virtual Chassis | 54

Resolved Issues | 54

Resolved Issues: 19.4R3 | 55

Resolved Issues: 19.4R2 | 57

Resolved Issues: 19.4R1 | 60

Documentation Updates | 65

Feature Guides Are Renamed As User Guides | 66

Migration, Upgrade, and Downgrade Instructions | 66

Upgrade and Downgrade Support Policy for Junos OS Releases | 66

Junos OS Release Notes for JRR Series | 67

What's New | 68

What’s New in 19.4R3 Release | 68

What’s New in 19.4R2 Release | 68

What’s New in 19.4R1 Release | 68

What's Changed | 69

Known Limitations | 70

Open Issues | 70

Resolved Issues | 71

Resolved Issues: 19.4R3 | 71

Resolved Issues: 19.4R2 | 71

Resolved Issues: 19.4R1 | 71

Documentation Updates | 72

Feature Guides Are Renamed As User Guides | 72

Migration, Upgrade, and Downgrade Instructions | 73

Upgrade and Downgrade Support Policy for Junos OS Releases | 73

Junos OS Release Notes for Junos Fusion Enterprise | 74

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Junos Fusion for Enterprise | 76

Resolved Issues | 77

Resolved Issues: Release 19.4R3 | 77

Resolved Issues: Release 19.4R2 | 78

Resolved Issues: Release 19.4R1 | 78

Documentation Updates | 78

Feature Guides Are Renamed As User Guides | 78

Migration, Upgrade, and Downgrade Instructions | 79

Basic Procedure for Upgrading Junos OS on an Aggregation Device | 79

Upgrading an Aggregation Device with Redundant Routing Engines | 81

Preparing the Switch for Satellite Device Conversion | 82

Converting a Satellite Device to a Standalone Switch | 83

Upgrade and Downgrade Support Policy for Junos OS Releases | 83

Downgrading from Junos OS | 84

Junos OS Release Notes for Junos Fusion Provider Edge | 85

What's New | 85

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Resolved Issues: 19.4R3 Release | 88

Resolved Issues: 19.4R2 Release | 88

Resolved Issues: 19.4R1 Release | 88

Documentation Updates | 88

Feature Guides Are Renamed As User Guides | 89

Migration, Upgrade, and Downgrade Instructions | 89

Basic Procedure for Upgrading an Aggregation Device | 90

Upgrading an Aggregation Device with Redundant Routing Engines | 92

Preparing the Switch for Satellite Device Conversion | 93

Converting a Satellite Device to a Standalone Device | 94

Upgrading an Aggregation Device | 96

Upgrade and Downgrade Support Policy for Junos OS Releases | 97

Downgrading from Junos OS Release 19.4 | 97

Junos OS Release Notes for MX Series 5G Universal Routing Platform | 98

What's New | 98

What’s New in 19.4R3 Release | 99

What’s New in 19.4R2 Release | 99

What’s New in 19.4R1 Release | 101

What's Changed | 121

What’s Changed in 19.4R3-S3 Release | 121

What’s Changed in 19.4R3-S2 Release | 122

What’s Changed in 19.4R3 Release | 122

What’s Changed in 19.4R2-S1 Release | 124

What’s Changed in 19.4R2 Release | 124

What’s Changed in 19.4R1 Release | 125

Known Limitations | 129

EVPN | 129

General Routing | 129

Interfaces and Chassis | 131

Platform and Infrastructure | 131

Routing Protocols | 132

Open Issues | 132

Class of Service (CoS) | 133

EVPN | 133

Forwarding and Sampling | 133

General Routing | 134

Infrastructure | 142

Interfaces and Chassis | 142

Layer 2 Features | 143

MPLS | 143

Network Address Translation (NAT) | 144

Network Management and Monitoring | 144

Platform and Infrastructure | 144

Routing Protocols | 146

Services Applications | 147

VPNs | 148

Resolved Issues | 148

Resolved Issues: 19.4R3 | 149

Resolved Issues: 19.4R2 | 158

Resolved Issues: 19.4R1 | 170

Documentation Updates | 191

Advanced Subscriber Management Provider | 192

Feature Guides Are Renamed As User Guides | 192

Migration, Upgrade, and Downgrade Instructions | 192

Basic Procedure for Upgrading to Release 19.4 | 193

Procedure to Upgrade to FreeBSD 11.x based Junos OS | 193

Procedure to Upgrade to FreeBSD 6.x based Junos OS | 196

Upgrade and Downgrade Support Policy for Junos OS Releases | 198

Upgrading a Router with Redundant Routing Engines | 198

Downgrading from Release 19.4 | 199

Junos OS Release Notes for NFX Series | 199

What’s New | 200

What's New in Release 19.4R3 | 200

What's New in Release 19.4R2 | 200

What's New in Release 19.4R1 | 201

What's Changed | 202

What’s Changed in 19.4R3 Release | 202

What’s Changed in 19.4R2 Release | 203

What’s Changed in 19.4R1 Release | 203

Known Limitations | 203

High Availability | 204

Platform and Infrastructure | 204

Open Issues | 204

Platform and Infrastructure | 205

Virtual Network Functions (VNFs) | 205

Resolved Issues | 205

Resolved Issues: 19.4R3 | 206

Resolved Issues: 19.4R2 | 206

Resolved Issues: 19.4R1 | 208

Documentation Updates | 210

Feature Guides Are Renamed As User Guides | 211

Migration, Upgrade, and Downgrade Instructions | 211

Upgrade and Downgrade Support Policy for Junos OS Releases | 211

Basic Procedure for Upgrading to Release 19.4 | 212

Junos OS Release Notes for PTX Series Packet Transport Routers | 213

What's New | 214

What's New in 19.4R3 | 214

What's New in 19.4R2 | 214

What's New in 19.4R1 | 215

What's Changed | 221

What's Changed in 19.4R3-S2 | 222

What's Changed in 19.4R3 | 222

What's Changed in 19.4R2 | 222

What's Changed in 19.4R1 | 223

Known Limitations | 225

General Routing | 225

MPLS | 226

Open Issues | 226

General Routing | 227

MPLS | 229

Routing Protocols | 229

Resolved Issues | 229

Resolved Issues: 19.4R3 | 230

Resolved Issues: 19.4R2 | 231

Resolved Issues: 19.4R1 | 232

Documentation Updates | 235

Feature Guides Are Renamed as User Guides | 235

Migration, Upgrade, and Downgrade Instructions | 236

Basic Procedure for Upgrading to Release 19.4 | 236

Upgrade and Downgrade Support Policy for Junos OS Releases | 239

Upgrading a Router with Redundant Routing Engines | 240

Junos OS Release Notes for the QFX Series | 241

What's New | 241

What's New in Release 19.4R3 | 242

What's New in Release 19.4R2 | 242

What's New in Release 19.4R1 | 242

What's Changed | 254

What’s Changed in 19.4R3 | 254

What’s Changed in 19.4R2 | 255

What’s Changed in 19.4R1 | 256

Known Limitations | 258

Layer 2 Features | 258

Layer 2 Ethernet Services | 258

Network Management and Monitoring | 258

Platform and Infrastructure | 259

Routing Protocols | 259

Open Issues | 260

EVPN | 260

Infrastructure | 260

Interfaces and Chassis | 261

Junos Fusion Provider Edge | 261

Layer 2 Features | 261

MPLS | 261

Platform and Infrastructure | 261

Routing Protocols | 263

Virtual Chassis | 264

Resolved Issues | 264

Resolved Issues: 19.4R3 | 265

Resolved Issues: 19.4R2 | 268

Resolved Issues: 19.4R1 | 274

Documentation Updates | 280

Feature Guides Are Renamed As User Guides | 281

Migration, Upgrade, and Downgrade Instructions | 281

Upgrading Software on QFX Series Switches | 282

Installing the Software on QFX10002-60C Switches | 284

Installing the Software on QFX10002 Switches | 284

Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release

15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches | 285

Installing the Software on QFX10008 and QFX10016 Switches | 287

Performing a Unified ISSU | 291

Preparing the Switch for Software Installation | 292

Upgrading the Software Using Unified ISSU | 292

Upgrade and Downgrade Support Policy for Junos OS Releases | 294

Junos OS Release Notes for SRX Series | 295

What’s New | 296

Release 19.4R3 New and Changed Features | 296

Release 19.4R2 New and Changed Features | 296

Release 19.4R1 New and Changed Features | 296

What's Changed | 304

What's Changed in 19.4R3 | 305

What’s Changed in Release 19.4R2-S4 | 305

What’s Changed in Release 19.4R2 | 305

What’s Changed in Release 19.4R1 | 306

Known Limitations | 310

Application Layer Gateways (ALGs) | 311

Class of Service (CoS) | 311

Flow-Based and Packet-Based Processing | 311

J-Web | 311

Platform and Infrastructure | 312

Routing Policy and Firewall Filters | 312

Switching | 312

VPNs | 312

Open Issues | 313

ATP Cloud | 314

Chassis Clustering | 314

Flow-Based and Packet-Based Processing | 314

Intrusion Detection and Prevention (IDP) | 314

J-Web | 315

Platform and Infrastructure | 315

Routing Policy and Firewall Filters | 315

VPNs | 315

Resolved Issues | 317

Resolved Issues: 19.4R3 | 317

Resolved Issues: 19.4R2 | 319

Resolved Issues: 19.4R1 | 323

Documentation Updates | 330

Feature Guides Are Renamed As User Guides | 330

Migration, Upgrade, and Downgrade Instructions | 330

Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life

Releases | 331

Junos OS Release Notes for vMX | 331

What’s New | 332

What's Changed | 332

Known Limitations | 332

Open Issues | 332

Platform and Infrastructure | 333

Resolved Issues | 333

CLI | 333

Platform and Infrastructure | 333

Licensing | 334

Upgrade Instructions | 334

Junos OS Release Notes for vRR | 334

What’s New | 335

What's Changed | 335

Known Limitations | 335

Open Issues | 336

Resolved Issues | 336

Junos OS Release Notes for vSRX | 336

What’s New | 337

Release 19.4R3 New and Changed Features | 337

What's Changed | 337

Management | 338

Known Limitations | 338

J-Web | 338

Platform and Infrastructure | 339

Unified Threat Management (UTM) | 339

User Access and Authentication | 339

Open Issues | 339

VPNs | 340

Resolved Issues | 340

Application Security | 340

CLI | 341

Flow-Based and Packet-Based Processing | 341

Intrusion Detection and Prevention (IDP) | 341

J-Web | 341

Platform and Infrastructure | 341

Routing Policy and Firewall Filters | 342

Unified Threat Management (UTM) | 342

VPNs | 342

Migration, Upgrade, and Downgrade Instructions | 342

Upgrading Software Packages | 343

Validating the OVA Image | 348

Upgrading Using ISSU | 349

Licensing | 349

Compliance Advisor | 350

Finding More Information | 350

Documentation Feedback | 350

Requesting Technical Support | 352

Self-Help Online Tools and Resources | 352

Creating a Service Request with JTAC | 353

Revision History | 353

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,

NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, JRR Series, and Junos Fusion.

These release notes accompany Junos OS Release 19.4R3 for the ACX Series, cRPD, EX Series, JRR Series, Junos Fusion, MX Series, NFX Series, PTX Series, QFX Series, SRX Series, vMX, vRR, and vSRX. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

Feature Guides Are Renamed As User Guides—Starting with Junos OS 19.4R1, we renamed our Feature

•

Guides to User Guides to better reflect the purpose of the guides. For example, the BGP Feature Guide is now the BGP User Guide. We didn’t change the URLs of the guides, so any existing bookmarks you have will continue to work. To keep the terminology consistent on our documentation product pages, we renamed the Feature Guides section to User Guides. To find documentation for your specific product, check out this link.

New In Focus Guide—Starting on Junos Release 19.4, we are introducing a new document called In

•

Focus that provides details on the most important features for the release in one place. We hope this document will quickly get you to the latest information about Junos features. Let us know if you find this information useful by sending email to techpubs-comments@juniper.net.

Important Information:

•

Upgrading Using ISSU on page 349

•

Licensing on page 349

•

Compliance Advisor on page 350

•

Finding More Information on page 350

•

Documentation Feedback on page 350

•

Requesting Technical Support on page 352

•

Junos OS Release Notes for ACX Series

IN THIS SECTION

What's New | 13

What's Changed | 21

Known Limitations | 22

Open Issues | 24

Resolved Issues | 27

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

These release notes accompany Junos OS Release 19.4R3 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION

What's New in Release 19.4R3 | 13

What’s Changed in 19.4R2-S2 | 14

What's New in Release 19.4R2 | 14

What's New in Release 19.4R1 | 16

Learn about new features introduced in the Junos OS main and maintenance releases for ACX Series routers.

What's New in Release 19.4R3

There are no new features or enhancements to existing features for ACX Series Junos OS Release 19.4R3.

What’s Changed in 19.4R2-S2

General Routing

Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options

•

statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers. Previously, support for the gigether-statement was deprecated. See gigether-options and

What's New in Release 19.4R2

Dynamic Host Configuration Protocol (DHCP)

Support for DHCPv6-PD on EVPN IRB synchronization between multiple PE routers (ACX 5448,

•

ACX5448-M and ACX5448-D)—Starting in Junos OS Release 19.4R2, you can use DHCPv6 prefix delegation (DHCPv6-PD) to automate the delegation of IPv6 prefixes to a requesting router on EVPN IRB. DHCPv6 prefix delegation is configured on EVPN IRB and provides IPv6 prefixes to the requesting clients, instead of the unique address. The DHCPv6-PD server acts as a provider edge (PE) router that provides the delegates through the relay (PE router) operating in the EVPN instance.

If one PE router fails, appropriate DHCPv6-PD state is made available for the remaining PE routers participating in the DHCP-PD process for the given VLAN. This is done using automatic synchronization of DHCPv6-PD states between multiple PE routers connected to the same Ethernet Segment Identifier (ESI) through EVPN BGP messages.

Support for DHCP Option 82 over EVPN (ACX5448, ACX5448-M and ACX5448-D)—Starting in Junos

•

OS Release 19.4R2, we have inserted Option 82 flags in the DHCP packets for enhanced security when the packet is sent to the server. The provider edge router that is part of the EVPN instance acts as the relay agent and inserts these flags to the DHCP packets.

DHCPv4 and DHCPv6 relay of packets uses this process. With the introduction of EVPN IRB, the relay agent uses the IRB interface with EVPN for forwarding the requests and replies to and from the client or the server instead of using the default routing.

Support for persistent storage of DHCPv4 and DHCPv6 bindings over EVPN IRB (ACX5448, ACX5448-M

•

and ACX5448-D)—Starting in Junos OS Release 19.4R2, ACX5448, ACX5448-M and ACX5448-D routers, when configured to function as a DHCP relay agent, can also be configured to preserve the DHCPv4 and DHCPv6 subscriber bindings across reboots. Existing bindings are written to a local file in /var/preserve. After reboot, the binding table is populated with the contents of the file and the router identifies each subscriber that was on the deleted interface, and resumes normal packet processing for subscribers when the interface is restored. To preserve the subscriber binding information, enable the perisistent-storage statement under the [edit system services dhcp-local-server] hierarchy.

[See Preserving Subscriber Binding Information and DHCPv6 Relay Agent Overview.]

EVPN

Multicast with IGMP or MLD snooping across VLANs for EVPN-MPLS (ACX5448)—Starting in Junos OS

•

Release 19.4R2, ACX5448 routers support inter-VLAN multicast forwarding with IGMP or MLD snooping in an EVPN over MPLS network as follows:

Multicast sources are external to the EVPN instance in a Layer 3 Protocol Independent Multicast (PIM)

•

domain.

All provider edge (PE) devices in the EVPN instance connect to a PIM gateway router in the PIM

•

domain using Layer 3 interfaces, and send PIM join messages toward the PIM rendezvous point (RP) for their receivers that want to join a multicast group.

The PIM gateway router forwards traffic for the multicast group from the external sources to all PE

•

devices in the EVPN instance.

On each PE device, you configure IRB interfaces with PIM in distributed designated router (DDR)

•

mode. The PE device uses these IRB interfaces only to forward or route the multicast traffic on one or more VLANs to interested receivers locally (on its own device), rather than to send traffic out to other PE devices in the EVPN-MPLS network.

You can configure IGMP or MLD snooping in one or more routing instances of type evpn.

•

You must configure all VLANs on all PE devices.

•

Receivers in an EVPN instance can be single-homed to one PE device or multihomed to multiple PE

•

devices in all-active mode. Peer PE devices for an EVPN segment synchronize IGMP or MLD state information by using BGP EVPN Type 7 and Type 8 (Join Sync and Leave Sync Route) messages.

The PE devices support IGMPv2 and IGMP snooping with any-source multicast (ASM) [(*,G)].

•

The PE devices support MLDv1, MLDv2, and MLD snooping as follows:

•

By default when you enable MLD snooping, the PE devices process MLDv1 and MLDv2 reports

•

only in ASM (*,G) mode. They discard MLDv2 source-specific multicast (SSM) (S,G) reports.

If you enable MLD snooping with the SSM-only processing option (set evpn-ssm-reports-only at

•

the [edit routing-instance instance-name protocols mld-snooping] hierarchy level), the PE devices process MLDv2 reports as SSM (S,G) only. They discard MLDv1 or MLDv2 ASM (*,G) reports. We also recommend that you configure MLDv2 on all IRB interfaces used for inter-VLAN routing in this case.

PE devices can’t process both ASM and SSM reports together.

[See Overview of Multicast Forwarding with IGMP or MLD Snooping in an EVPN-MPLS Environment.]

Multicast with IGMP or MLD snooping within VLANs for EVPN-MPLS (ACX5448, ACX5448-M, and

•

ACX5448-D)—Starting in Junos OS Release 19.4R2, ACX5448 routers support intra-VLAN multicast forwarding with IGMP or MLD snooping in an EVPN over MPLS network as follows:

The multicast sources and receivers must be within an EVPN instance. You can configure IGMP or

•

MLD snooping for one or more routing instances of type evpn.

Receivers can be single-homed to one provider edge (PE) device or multihomed to multiple PE devices

•

(in all-active mode only).

The PE devices support IGMPv2 and IGMP snooping with any-source multicast (ASM).

•

The PE devices support MLDv1, MLDv2, and MLD snooping in intra-VLAN configurations as follows:

•

By default with MLD snooping enabled, the PE devices can process MLDv1 ASM (*,G) reports but

•

discard MLDv2 reports.

With MLD snooping enabled, if you configure all interfaces that receive multicast traffic with MLDv2,

•

the PE devices can process both MLDv1 and MLDv2 reports in ASM (*,G) mode, but they discard MLDv2 source-specific multicast (SSM) (S,G) reports.

You must configure each VLAN on all PE devices in an EVPN instance.

•

The PE devices flood multicast source traffic on a VLAN into the EVPN instance to reach all other PE

•

devices. When they receive the traffic from the EVPN network, the PE devices use snooping information to forward the traffic only to the interested listeners in the VLAN.

Multihoming peer PE devices for an Ethernet segment (ES) exchange BGP EVPN Type 7 and Type 8

•

(Join Sync and Leave Sync Route) messages to synchronize the IGMP or MLD state information. When they receive multicast traffic from the EVPN core, the designated forwarder (DF) PE device forwards the traffic only to interested receivers based on IGMP snooping reports and Type 7 routes.

[See Overview of Multicast Forwarding with IGMP or MLD Snooping in an EVPN-MPLS Environment.]

Support for IRB and IRBv6 on EVPN-MPLS networks (ACX5448)—Starting with Junos OS Release

•

19.4R2, you can configure EVPN with IRB or IRBv6 over an EVPN-MPLS network to extend Layer 2 connectivity across data centers. Both EVPN type 2 (MAC/IP Advertisement) and EVPN type 5 (IP Prefix Advertisement) routes are supported.

[See EVPN with IRB Solution Overview.]

Support for EVPN E-Tree service (ACX5448)—Starting in Junos OS 19.4R2, you can configure an Ethernet

•

VPN Ethernet Tree (E-Tree) service on ACX5448 routers.

[See EVPN-ETREE Overview.]

What's New in Release 19.4R1

EVPN

SPRING support for EVPN (ACX5448)—Starting in Junos OS Release 19.4R1, you can use Source Packet

•

Routing in Networking (SPRING) as the underlay transport in EVPN on ACX5448 routers. SPRING tunnels enable routers to steer a packet through a specific set of nodes and links in the network.

To configure SPRING, use the source-packet-routing statement at the [edit protocols isis] hierarchy level.

[See Understanding Source Packet Routing in Networking (SPRING).]

Support for EVPN features on new hardware (ACX5448)—Starting with Release 19.4R1, Junos OS

•

supports the following EVPN features:

ARP/NDP proxy and suppression with proxy MAC responses. [See EVPN Proxy ARP and ARP

•

Suppression, and Proxy NDP and NDP Suppression.]

EVPN with segment routing (SPRING). [See Understanding Source Packet Routing in Networking

•

(SPRING).]

EVPN E-LAN services over MPLS, including support for VLAN-based and VLAN-bundles services. [See

•

EVPN Overview and Overview of VLAN Services for EVPN.]

EVPN multihoming active/active. [See EVPN Multihoming Overview.]

•

Support for EVPN routing policies (ACX5448, EX4600, EX4650, EX9200, MX Series, QFX Series, and

•

vMX)—Starting in Junos OS Release 19.4R1, Junos OS has expanded routing policy support to include the creation and application of policy filters specific to EVPN routes. You can create policies and apply policy filters to import and export EVPN routes at the routing-instance level or at the BGP level. Junos OS supports the following matching criteria for EVPN routes:

Route distinguisher ID

•

NLRI route type

•

EVPN Ethernet tag

•

BGP path attributes

•

Ethernet Segment Identifier

•

MAC Address on EVPN route type 2 routes

•

IP address on EVPN route type 2 and EVPN route type 5 routes

•

Extended community

•

[See Routing policies for EVPN.]

General Routing

Support for full inheritance paths of configuration groups to be built into the database by default (ACX

•

Series, MX Series, PTX Series, and SRX Series)—Starting with Junos OS Release 19.4R1, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To

disable this option, use no-persist-groups-inheritance.

[See commit (System).]

Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options

•

statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers. Previously, support for the gigether-statement was deprecated. See gigether-options and

Junos OS XML API and Scripting

Automation script library upgrades (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX

•

Series)—Starting in Junos OS Release 19.4R1, devices running Junos OS that support the Python extensions package include upgraded Python modules. Python scripts can leverage the upgraded versions of the following modules:

idna (2.8)

•

jinja2 (2.10.1)

•

jnpr.junos (Junos PyEZ) (2.2.0)

•

lxml (4.3.3)

•

markupsafe (1.1.1)

•

ncclient (0.6.4)

•

packaging (19.0)

•

paho.mqtt (1.4.0)

•

pyasn1 (0.4.5)

•

yaml (PyYAML package) (5.1)

•

[See Overview of Python Modules Available on Devices Running Junos OS.]

Python 3 support for commit, event, op, and SNMP scripts (ACX Series, EX Series, MX Series, PTX

•

Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, you can use Python 3 to execute commit, event, op, and SNMP scripts on devices running Junos OS. To use Python 3, configure the language python3 statement at the [edit system scripts] hierarchy level. When you configure the language python3 statement, the device uses Python 3 to execute scripts that support this Python version and uses Python 2.7 to execute scripts that do not support Python 3 in the given release.

The Python 2.7 end-of-support date is January 1, 2020, and Python 2.7 will be EOL in 2020. The official upgrade path for Python 2.7 is to Python 3. As support for Python 3 is added to devices running Junos OS for the different types of onbox scripts, we recommend that you migrate supported script types from Python 2 to Python 3, because support for Python 2.7 might be removed from devices running Junos OS in the future.

[See Understanding Python Automation Scripts for Devices Running Junos OS.]

MPLS

Support for Topology Independent Loop-Free Alternate, advertising MPLS labels, and configuring SRGB

•

for SPRING for ISIS and OSPF (ACX5448-D and ACX5448-M)—Starting with Junos OS Release 19.4R1, ACX5448-D and ACX5448-M router supports topology independent (TI)-loop-free alternate (LFA), advertise MPLS labels (ISIS, OSPF), and segment routing global block (SRGB) for SPRING (ISIS, OSPF).

[See Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS,

Understanding Source Packet Routing in Networking (SPRING).]

OAM

Support for Ethernet OAM and Metro Ethernet services over segment routing (ACX5448-D, ACX5448-M,

•

MX Series)—Starting with Junos OS Release 19.4R1, ACX5448-D, ACX5448-M and MX Series routers support Ethernet OAM and Metro Ethernet services over segment routing.

[See Understanding Adjacency Segments, Anycast Segments, and Configurable SRGB in SPRING for IS-IS Protocol, Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS, Ethernet OAM Connectivity Fault Management .]

Routing Protocols

Support for configurable SRGB used by SPRING in OSPF protocols (ACX5448)— Starting in Junos OS

•

Release 19.4R1, you can configure the segment routing global block (SRGB) range label used by segment routing. Labels from this range are used for segment routing functionality in OSPF domain.

The SRGB is a range of the label values used in the segment routing. Prior to Junos OS Release 19.4R1, you could not configure the range for the SRGB block.

Locally you can configure srgb start-label <label-range> index-range <index-range> command under [edit protocols ospf source-packet-routing] hierarchy or globally under [edit protocols mpls label-range] hierarchy.

Following are the SRGB precedences for OSPF protocol:

Local SRGB

•

Global SRGB

•

Node-segment implementation of 256 label block

•

Unnumbered interface support for IS-IS and OSPFv2 with topology-independent loop-free alternate

•

(ACX Series, MX Series and PTX Series)—Starting in Junos OS Release 19.4R1, you can enable IPv4 processing on a point-to-point interface without assigning it an explicit IPv4 address. The router borrows the IPv4 address of another Ethernet or loopback interface already configured on the router and assigns it to the unnumbered interface to conserve IPv4 addresses.

To enable IPv4 processing for unnumbered interfaces include unnumbered-address source at the [edit interfaces [name] unit [name] family inet] hierarchy level.

[See Configuring an Unnumbered Interface.]

System Logging

Improved intermodule communication between FFP and MGD (ACX Series, EX Series, MX Series, PTX

•

Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, intermodule communication is improved to enhance software debugging. To enhance error messages with more context, the exit conditions from libraries have been updated as follows:

Additional information is now logged for MGD-FFP intermodule communication.

•

Commit errors that previously were only shown onscreen are now logged.

•

We provide a new operational command, request debug information, to speed up the initial information-gathering phase of debugging.

[See request debug information.]

Software Defined Networking (SDN)

Tunnel templates for PCE-initiated segment routing LSPs (ACX Series)—Starting in Junos OS Release

•

19.4R1, you can configure a tunnel template for Path Computation Element (PCE)-initiated segment routing LSPs and apply it through policy configuration. These templates enable dynamic creation of segment routing tunnels with two additional parameters – Bidirectional forwarding detection (BFD) and LDP tunneling.

With the support for tunnel configuration, the LSPs that you would configure statically can now be automatically created from the PCE, thereby providing the benefit of reduced configuration on the device.

[See Understanding Static Segment Routing LSP in MPLS Networks.]

SEE ALSO

What's Changed | 21

Known Limitations | 22

Open Issues | 24

Resolved Issues | 27

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

What's Changed

IN THIS SECTION

What’s Changed in 19.4R3 | 21

What’s Changed in 19.4R2 | 21

What’s Changed in 19.4R1 | 22

Learn about what changed in the Junos OS main and maintenance releases for ACX Series routers.

What’s Changed in 19.4R3

Routing Protocols

Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX

•

Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—In Junos OS Release, multiple loopback addresses export into lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router-ids instead of prefixes. In earlier Junos OS releases, multiple secondary loopback addresses in TED were added into lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router-id.

What’s Changed in 19.4R2

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.4R2 for ACX Series routers.

What’s Changed in 19.4R1

General Routing

Support for full inheritance paths of configuration groups to be built into the database by default (ACX

•

Series, MX Series, PTX Series, and SRX Series)—Starting with Junos OS Release 19.4R1, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To

disable this option, use no-persist-groups-inheritance.

[See commit (System).]

Routing Protocols

XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX

•

Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release

19.4R1, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc CLI command. In Junos OS releases before Release 19.4R1, the show bgp output-scheduler | display xml rpc CLI command does not have an XML RPC equivalent.

[See show bgp output-scheduler.]

SEE ALSO

What's New | 13

Known Limitations | 22

Open Issues | 24

Resolved Issues | 27

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

Known Limitations

IN THIS SECTION

General Routing | 23

Learn about known limitations in Junos OS Release 19.4R3 for ACX Series routers. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem

Report Search application.

General Routing

All PTP packets go to the best-effort queue instead of the network control queue. This is because of

•

the limitation on Qumran where DSCP values are not preserved. PR1361315

ACX6360 Junos telemetry interface or telemetry infrastructure does not support the interface-filtering

•

capability. Therefore, after you enable a particular sensor for telemetry, it is turned on for all the interfaces.

PR1371996

When a timing configuration and the corresponding interface configuration are flapped for multiple

•

times in iteration, PTP is stuck in "INITIALIZE" state where the ARP for the neighbor is not resolved. In issue state, BCM hardware block get into inconsistency state, where the lookup is failing. PR1410746

The port LEDs glowing during system/vmhost halt state is the expected behavior across all ACX Series

•

platforms. Even the system LED glows during halt state. PR1430129

If L2VPN sessions have OAM control-channel option set to router-alert-label, the no-control-word

•

option in L2VPN shouldn't be used for BFD sessions to come up. PR1432854

The IFL statistics in ACX5448, will display the full packet size similar to the behavior in ACX5000 series.

•

PR1439124

With an asymmetric network connection, EX: 10G Macsec port connected to a 10GbE channelized port,

•

high and asymmetric T1 and T4 time errors introduce a high two-way time error.This introduces different CF updates in forward and reverse paths. PR1440140

With the MACsec feature enabled and introduction of traffic, the peak-to-peak value varies with the

•

percentage of traffic introduced. Find the maximum and mean values of the Time errors with different traffic rates(two-router scenario). Can have maximum value jumps as high as 1054ns with 95% traffic, 640ns with 90% traffic, and 137ns with no traffic. PR1441388

ACX Series platforms do not support directly associating a policer in an a logical interface. The association

•

needs to be achieved using "filters" only. In this case, "family any" filter can be configured. Also, the ACX5448 hardware ASIC does not support "egress policing". Egress shaping (H-QoS at the logical-interface level) can be used instead. PR1446376

ACX Series routers support only 900 joins of IGMPv3 users per second. PR1448146

•

This is hardware limitation and this is expected behavior on ACX5448. The mac-ageing on ACX5448

•

will not be at the granularity of per second. Ageing is at the granularity of an ageing cycle. Ageing cycle is defined as 1/6th of the age configured. Only 16000 entries can be aged in each ageing cycle. Meaning that if we have more than 16000 entries ageing in an ageing cycle, only 16000 will be aged out. Rest would be aged out in the subsequent cycles. 16000 can be achieved in ideal scenario when we don't have another learning event in the same cycle. Also, this number can vary in the event of more load on the system. This is a hardware limitation. PR1509590

SEE ALSO

What's New | 13

What's Changed | 21

Open Issues | 24

Resolved Issues | 27

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

Open Issues

IN THIS SECTION

General Routing | 24

Platform and Infrastructure | 27

Virtual Chassis | 27

Learn about open issues in Junos OS Release 19.4R3 for ACX Series routers. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report

Search application.

General Routing

Loopback status is not shown for OT interfaces on CLI (available from vty only). PR1358017

•

The SD (Signal Degrade) threshold is normally lower than the SF threshold (that is, so that as errors

•

increase, SD condition is encountered first). For the ACX6360 optical links there is no guard code to prevent the user from setting the SD threshold above the SF threshold which would cause increasing errors to trigger the SF alarm before the SD alarm. This will not cause any issues on systems with correctly provisioned SD/SF thresholds. PR1376869

Enhancement is needed for FRR BER threshold SNMP support. PR1383303

•

On ACX6360/PTX10001 router, Tx power cannot be configured using + sign. PR1383980

•

The switchover time observed was more than 50 minutes under certain soak test conditions with an

•

increased scale with a multiprotocol multirouter topology. PR1387858

The ccc logs are not compressed after rotation. PR1398511

•

A jnxIfOtnOperState trap notification is sent for all ot-interfaces. PR1406758

•

On ACX 1000/2000/4000/5048/5096 platforms, after a new child IFL with VLAN and filter is added

•

on an aggregated Ethernet physical interface or if the VLAN ID of a child logical interface is changed with filter, traffic over the aggregated Ethernet physical interface might get filtered with that filter on the child logical interface. For example, ae-0/0/0 is a physical interface and ae-0/0/0.100 is a logical interface. PR1407855

Layer 2 rewrite is happening on regular bridge domain and VLAN interfaces, although there are some

•

service dependencies (VPLS in this case) due to which, the egress interface map table is not updated properly with the Layer 2 rewrite map ID; as a result, the rewrite does not work. PR1414414

On ACX5048/ACX5096 platforms, traffic loss and SNMP slow response issues could be seen where an

•

optic transceiver is removed and inserted back to the same interface. Manually restarting Packet Forwarding Engine might also trigger this defect. PR1418696

On an ACX5000 platform, high CPU usage by the fxpc process might be seen under a rare condition if

•

parity errors are detected in devices. This issue has no direct service/traffic impact. However, because CPU utilization is high during this issue, there are some side effects. For example, the issue could impact time-sensitive features such as BFD. PR1419761

On an ACX5448, the request system reboot command triggers a reboot on the host (Linux) instead of

•

just being limited to Junos OS. PR1426486

The em2 interface configuration causes FPC to crash during initialization and FPC does not come online.

•

After deleting the em2 configuration and restarting the router, FPC comes online. PR1429212

Protocols get forwarded when using a nonexisting SSM map source address in IGMPv3 instead of pruning.

•

This is a day 1 design issue, and needs a design solution. PR1435648

Timing on 1G, performance is not at par compared with 10G, compensation is done to bring the mean

•

value under class-A but the peak-to-peak variations are high and can go beyond 100ns. It has a latency variation with peak to peak variations of around 125ns-250ns(that is, 5-10% of the mean latency introduced by the each phy which is of around 2.5us) without any traffic. PR1437175

Memory leaks are expected in this release. PR1438358

•

ACX Series routers support only 900 joins of IGMPv3 users per second. PR1448146

•

Drop profile maximum threshold may not be reached when the packet size is other than 1000 bytes.

•

This is due to the current design limitation. PR1448418

In some cases when there is a failure of the I2C daemon, this might result in riofeb crash on ACX5448.

•

PR1455928

IPv6 BFD sessions when configured below 100ms was getting flapped which will not after this bug.

•

PR1456237

On the PTX10001/ACX6360 platforms, the unionfs filesystem may get full on vmhost, this bacause

•

there is a mail package in the WRlinux 8 continue to fill the mail logs into the unionfs filesystem. This issue will cause the router to hand and bring traffic down. PR1470217

On PTX1000/ACX6360 Series platforms, the vmhost disk usage might keep increasing due to an incorrect

•

sensor path. PR1480217

ACX platforms - BFD over L2VPN/ L2Circuit will not work due to ACX platforms' SDK upgrade to version

•

6.5.16. PR1483014

On PTX1000/PTX10001/ACX6360 Series platforms, the port mirror will not work when the port-mirroring

•

is configured with firewall filter. PR1491789

When the DF interface is flapped, the traffic is doubled. As the current Non-DF also forwards the traffic

•

in EVPN Multihoming scenario. Work around is to clear the multicast route, with that the issue won't be seen. PR1502411

ACX6360: Observed core-ripsaw-node-aftd-expr. PR1504717

•

MPLS : mpls_lsp check is failing while verifying basic lsp_retry_limit After the fix for PR-1487532, we

•

reset the src_address of the lsp to 0 (if src_address is not configured) whenever it changes its state from Up to down. So when the ingress-lsp goes to down state, we are resetting it to 0. The script is failing because the script is checking for src_address to be present for the ingress-lsp session. Script change is required. PR1505474

In PTP environment some vendor devices acting as slave expecting announce messages at an interval

•

of -3 (8pps) from upstream master device. As of today announce message are configurable in range of 0 to 3. To support the above requirement engineering provided a hidden cli knob "set protocol ptp master announce-interval -3". In the networks/design where we have this requirement we can configure the hidden cli otherwise regular cli which is in the range (0 to 3) can be configurable. Both the cli knobs are mutually exclusive, commit error is expected if both are configured. This new change is applicable to ACX platforms only excluding ACX5000. PR1507782

CLI mentioned in workaround is required when same User MAC is configured on both EVPN DH routers.

•

PR1509808

After link connection flap between the PHP node and the egress PE node, the VRF traffic which supposed

•

to PHP and sent only with VPN label out to egress PE, would wrongly tagged with both MPLS label and VPN label. PR1512821

Interface not coming up with Auto-negotiation setting between ACX1100 and QFX/MX/ACX as other

•

end. PR1523418

This classifier display got blocked due to PR 1353828, where they are blocking the classifier display

•

function as ACX supports only IFD based classification. PR1531413

The CLI output of chassis network-services is not reflecting the configured mode though the configured

•

mode is correctly programmed in Kernel. PR1538869

Ospf neighbor state is INIT instead of expected FULL. PR1543667

•

Platform and Infrastructure

The CFM remote MEP not coming up after configuration or remains in Start state. PR1460555

•

Virtual Chassis

ACX5000 reports false parity error messages like soc_mem_array_sbusdma_read. The ACX5000 SDK

•

can raise false alarms for parity error messages like soc_mem_array_sbusdma_read. This is a false positive error message. PR1276970

SEE ALSO

What's New | 13

What's Changed | 21

Known Limitations | 22

Resolved Issues | 27

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

Resolved Issues

IN THIS SECTION

Resolved Issues: 19.4R3 | 28

Resolved Issues: 19.4R2 | 29

Resolved Issues: 19.4R1 | 30

Learn which issues were resolved in the Junos OS main and maintenance releases for ACX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.4R3

General Routing

Policer discarded count is also shown incorrectly to the enq count of the interface-Queue But Traffic

•

Behavior is fine as expected. PR1414887

gigether-options configuration statement enabled again under interface hierarchy. PR1430009

•

While performing repeated power-off/power-on of device, we see SMBUS Transactions timeout.

•

PR1463745

The links may not come up when 100-Gigabit Ethernet interface is channelized to 4x25-Gigabit Ethernet

•

interfaces. PR1479733

Memory utilization enhancement on ACX Series platforms. PR1481151

•

The packets might not get processed on the interfaces after unified ISSU. PR1483959

•

FPC might crash on ACX5448 platform. PR1485315

•

The queue statistics are not as expected after configuring the IFD and logical interface shaping with the

•

transmit rate and scheduler-map. PR1488935

ACX5448 chassis mac-address and label mac-address may not match. PR1489034

•

IEEE 802.1p Priority and DEI values in locally generated VLAN-based IP packets may be changed when

•

sourced from IRB interface on ACX5000. PR1490966

VPLS flood gorups results in IPv4 traffic drop after core interface flap. PR1491261

•

LACP control packets may be dropped due to high CPU utilization in ACX5048/ACX5096. PR1493518

•

During speed mismatch, QSFP28/QSFp+ the optics/cables may or may not work. PR1494600

•

Outbound SSH connection flap or memory leak issue might be observed when pushing configuration

•

to ephemeral database with high rate. PR1497575

ACX5448 EXP rewrite is not working for L3VPN sends all traffic with incorrect EXP. PR1500928

•

The error message mpls_extra NULL might be seen during MPLS route add/change/delete operation.

•

PR1502385

SFW sessions might not get updated on ms interfaces in ACX500. PR1505089

•

PIC slot may be shut down less than 240 seconds due to the over-temperature start time is handled

•

incorrectly. PR1506938

BFD flapping with the error ACX_OAM_CFG_FAILED: ACX Error (oam):dnx_bfd_l3_egress_create :

•

Unable to create egress object after random time interval. PR1513644

In ACX platforms, the loopback filter cannot take more than 2 TCAM slices. PR1513998

•

The VM process generates a core file while running stability test in a multidimensional scenario.

•

PR1515835

L2ALD crash is seen during stability test with traffic on scaled set-up. PR1517074

•

IPV6 neighbor state change causes "Local Outlif" to leak by two values leads to

•

DNX_NH::dnx_nh_tag_ipv4_hw_install errors. PR1519372

The show class-of-service interface does not show classifier information on ACX Series devices.

•

PR1522941

The statement vlan-id-list may not work as expected on the ACX5448/ACX710 platforms. PR1527085

•

Memory leak in Local OutLif in VPLS/CCC topology. PR1532995

•

Interfaces and Chassis

FPC crash might be observed with inline mode CFM configured. PR1500048

•

Routing Protocols

The BGP route-target family might prevent the route reflector from reflecting Layer 2 VPN and Layer

•

3 VPN routes. PR1492743

The rpd might report 100% CPU usage with BGP route damping enabled. PR1514635

•

VPNs

The l2circuit neighbor might be stuck in RD state at one end of MC-LAG peer. PR1498040

•

The rpd crash could be seen in certain conditions after deleting l2circuit configuration. PR1502003

•

Resolved Issues: 19.4R2

General Routing

On ACX5000, MacDrainTimeOut and bcm_port_update failed: Internal error. PR1284590

•

On ACX5048 and ACX5096 platforms, high CPU for fxpc processes might be observed on class-of-service

•

configuration changes on interfaces. PR1407098

Drift messages in ACX2200, which is a PTP hybrid (PTP + Synchronous Ethernet) device. PR1426910

•

ACX5448-D interfaces support: The input bytes value in the show interfaces extensive is not in par

•

with older ACX or MX. PR1430108

The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

•

Fans on an ACX5448-M might not be running at the correct speed. PR1448884

•

ACX5048 SNMP polling is stalled after the link is flapped or the SFP transceiver is replaced, and

•

ACX_COS_HALP(acx_cos_gport_sched_set_strict_priority:987): Failed to detach logs is seen. PR1455722

ACX5448-D and ACX5448-M devices do not display airflow information and temperature sensors as

•

expected. PR1456593

[interface] [generic] [ACX] not able to add more than 16 links in a LAG. PR1463253

•

RED drop on interface is seen even when there is no congestion. PR1470619

•

CoS: Egress queue statistics are not applicable to ae interfaces on ACX5048. PR1472467

•

dcpfe core files are generated when you disable and then enable MACsec through Toby scripts.

•

PR1479710

ACX5448 Layer2 VPN with interface ethernet-ccc input-vlan-map/output-vlan-map might cause traffic

•

to be silently dropped. PR1485444

LSP (primary/standby) does not Act/Up after routing or rpd restart. PR1494210

•

Interfaces and Chassis

MC-AE interface might display unknown status if the subinterface is added as part of the VLAN on the

•

peer MC-AE node. PR1479012

Layer 2 Ethernet Services

Member links state might be asychronized on a connection between PE and CE devices in an EVPN A/A

•

scenario. PR1463791

MPLS

BGP session might keep flapping between two directly connected BGP peers because of the incorrect

•

TCP-MSS in use. PR1493431

Resolved Issues: 19.4R1

General Routing

On ACX5000 MacDrainTimeOut and bcm_port_update failed: Internal error error is seen. PR1284590

•

bcmDPC task is high even though Interuppt START_BY_START flag is set to 0. PR1329656

•

The AE interface with LACP stays down after the router reboots if link-speed is configured. PR1357012

•

On ACX Series devices, the LED on the GE interface goes down when speed 10M is added. PR1385855

•

Link Fault Signaling (LFS) doesn not work on ACX5448 10-, 40-, and 100-Gigabit Ethernet interfaces.

•

PR1401718

The optic comes with Tx enabled by default. Because the port is administratively disabled, the port is

•

stopped. However, because the port has not been started, it does not disable Tx. PR1411015

The ACX5448:40G FEC on ACX5448, which is FEC enabled by default, must be aligned with the MX

•

and QFX platforms, where FEC is NONE. PR1414649

On the ACX5448-X:SKU and ACX5448-D, 96000 ARPs get populated. However, only 47000 NH entries

•

are present. Around 50 percent of packet drop is observed. PR1426734

Chassisd might crash with unsupported hcos configuration when an MX104 is used as a fusion aggregation

•

device. PR1430076

The l2cpd process might crash and generate a core file when interfaces flaps. PR1431355

•

Deviation in traffic rate in the queue is around 8 % to 10% percent in some cases. PR1436297

•

1PPS performance metrics (class A) of G.8273.2 are not met for 1G interfaces because of the variable

•

latency added by the Vittesse PHY. PR1439231

The interface on ACX1100 devices remains down when using SFP-1FE-FX (740-021487). PR1439384

•

Transit DHCP packets are not punted to CPU and are transparently passthrough. PR1439518

•

When the interface is flapped between channelized configurations, 25-Gigabit Ethernet to 100-Gigabit

•

the aggregated Ethernet interface configuration is not cleaned up properly. PR1441374

In an ACX5448 platforms, when the PFE failed to allocate packet buffer, portion of packet memories

•

may not be freed. PR1442901

RED drops might be seen after link flaps or CoS configuration changes. PR1443466

•

ACX5448/18.3R1-S4.1 is not performing proper dot1p CoS rewrite on interfaces configured with

•

l2circuit/local-switching/family ccc. PR1445979

On ACX Series, the auto exported route between VRFs might not respond for icmp echo requests.

•

PR1446043

l2circuit with a backup-neighbor (hot-standby) configured might stop forwarding traffic after failovers.

•

PR1449681

oper-state for et interface does not transition from 'init' to 'Normal'. PR1449937

•

RMPC core files are found after configuration changes done on the network for PTP/Clock

•

Synchronization. PR1451950

After disabling 100G and 40G interface Laser output power in show interfaces diagnostics optics shows

•

some values. PR1452323

ACX5448 FPC crashed due to segmentation fault. PR1453766

•

Incorrect operating state is displayed in snmp trap for fan removal. PR1455577

•

Enable gigether option to configure Ethernet FEC on client ports. PR1456293

•

ACX5448-D and ACX5448-M Devices does not display airflow information and temperature sensors

•

as expected. PR1456593

ACX5448 Layer2 VPN with encapsulation-type ethernet stops passing traffic after a random port is

•

added with vlan configuration. PR1456624

The rpd crash might be seen if BGP route is resolved over same prefix protocol next-hop in inet.3 table

•

which has both RSVP and LDP routes. PR1458595

Route resolve resolution is not happening when the packet size is 10000. PR1458744

•

The traffic might be blackholed during link recovery in an open ethernet access ring with ERPS configured.

•

PR1459446

ACX5000: SNMP mib walk for jnxOperatingTemp not returning anything for FPC in new versions.

•

PR1460391

ACX5448-M Interfaces and Optics support: on enabling local loopback 10G interface is going down.

•

PR1460715

ACX5448-D Interfaces and Optics support: sometimes during the bring up of AE interface there are

•

ARP resolution issues. PR1461485

ACX Series routers LLDP neighbor not up on lag after software upgrade to Junos OS Release 18.2R3-S1.

•

PR1461831

RED drop on interface, no congestion. PR1470619

•

Layer 2 Ethernet Services

DHCP request might get dropped in DHCP relay scenario. PR1435039

•

Platform and Infrastructure

REST API process will get non-responsive when a number of request coming with a high rate. PR1449987

•

Routing Protocols

Loopback address are exported into other VRF instance might not work on EX/QFX/ACX platforms.

•

PR1449410

MPLS LDP might still use stale MAC of the neighbor even the LDP neighbor's MAC changes. PR1451217

•

The rpd might crash continuously due to memory corruption in an IS-IS setup. PR1455432

•

SEE ALSO

What's New | 13

What's Changed | 21

Known Limitations | 22

Open Issues | 24

Documentation Updates | 33

Migration, Upgrade, and Downgrade Instructions | 33

Documentation Updates

IN THIS SECTION

Feature Guides Are Renamed As User Guides | 33

This section lists the errata and changes in Junos OS Release 19.4R3 for the ACX Series documentation.

Feature Guides Are Renamed As User Guides

Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the

•

purpose of the guides. For example, the BGP Feature Guide is now the BGP User Guide. We didn’t change the URLs of the guides, so any existing bookmarks you have will continue to work. To keep the terminology consistent on our documentation product pages, we renamed the Feature Guides section to User Guides. To find documentation for your specific product, check out this link.

SEE ALSO

What's New | 13

What's Changed | 21

Known Limitations | 22

Open Issues | 24

Resolved Issues | 27

Migration, Upgrade, and Downgrade Instructions | 33

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Upgrade and Downgrade Support Policy for Junos OS Releases | 34

This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,

17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

For more information about EEOL releases and to review a list of EEOL releases, see

https://support.juniper.net/support/eol/software/junosevo/.

SEE ALSO

What's New | 13

What's Changed | 21

Known Limitations | 22

Open Issues | 24

Resolved Issues | 27

Documentation Updates | 33

Junos OS Release Notes for cRPD

IN THIS SECTION

What’s New | 35

What's Changed | 35

Known Limitations | 35

Open Issues | 36

Resolved Issues | 36

These release notes accompany Junos OS Release 19.4R3 for the containerized routing protocol process (cRPD) container. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What’s New

There are no new features for cRPD in Junos OS Release 19.4R3.

What's Changed

There are no changes in behavior or syntax for cRPD in Junos OS Release 19.4R3.

Known Limitations

There are no known behavior or limitations for cRPD in Junos OS Release 19.4R3.

Open Issues

There are no known issues for cRPD in Junos OS Release 19.4R3.

Resolved Issues

There are no resolved issues for cRPD in Junos OS Release 19.4R3.

Junos OS Release Notes for EX Series Switches

IN THIS SECTION

What's New | 37

What's Changed | 47

Known Limitations | 50

Open Issues | 51

Resolved Issues | 54

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

These release notes accompany Junos OS Release 19.4R3 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION

What's New in 19.4R3 | 37

What's New in 19.4R2 | 37

What's New in 19.4R1 | 38

Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.

NOTE: The following EX Series switches are supported in Release 19.4R3: EX2300, EX2300-C,

EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.

What's New in 19.4R3

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release

19.4R3.

What's New in 19.4R2

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release

19.4R2.

What's New in 19.4R1

Authentication, Authorization, and Accounting

Disable LLDP TLV messages (EX4300-48MP switches)—Starting in Junos OS Release 19.4R1, you can

•

disable nonmandatory time, length, and value (TLV) messages so they will not be advertised by the Link Layer Discovery Protocol (LLDP) or Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED).

[See Device Discovery Using LLDP and LLDP-MED on Switches.]

Class of Service

Support for 802.1p rewrite of host outbound traffic (EX4300-MP)—Starting in Junos OS Release 19.4R1,

•

support is provided for 802.1p rewrite of host outbound traffic on EX4300-MP devices.

[See Applying Egress Interface Rewrite Rules to the IEEE 802.1p Field for All Host Outbound Traffic on

the Interface.]

EVPN

Support for EVPN routing policies (ACX5448, EX4600, EX4650, EX9200, MX Series, QFX Series, and

•

Route distinguisher ID

•

NLRI route type

•

EVPN Ethernet tag

•

BGP path attributes

•

Ethernet segment identifier

•

MAC address on EVPN Type 2 routes

•

IP address on EVPN Type 2 and EVPN Type 5 routes

•

Extended community

•

[See Routing policies for EVPN.]

Access security support in EVPN-VXLAN overlay networks (EX4300-48MP)—Starting in Junos OS

•

Release 19.4R1, we support access security features on EX4300-48MP switches that function as Layer 2 VXLAN gateways in an EVPN-VXLAN centrally-routed overlay network (two-layer IP fabric). We support the following features on Layer 2 server-facing interfaces that are associated with VXLAN-mapped VLANs:

DHCPv4 and DHCPv6 snooping. [See DHCP Snooping.]

•

Dynamic ARP inspection (DAI). [See Understanding and Using Dynamic ARP Inspection (DAI).]

•

Neighbor discovery inspection (NDI). [See IPv6 Neighbor Discovery Inspection.]

•

IPv4 and IPv6 source guard. [See Understanding IP Source Guard for Port Security on Switches.]

•

Router advertisement (RA) guard. [See Understanding IPv6 Router Advertisement Guard.]

•

The access security features function the same and you configure them in the same way in an EVPN-VXLAN environment as you do in a non-EVPN-VXLAN environment. However, keep these differences in mind:

We do not support these features on multihomed servers.

•

These features do not influence the VXLAN tunneling and encapsulation process.

•

Layer 3 VXLAN gateway support in EVPN-VXLAN overlay network (EX4300-48MP)—Starting in

•

Junos OS Release 19.4R1, the EX4300-48MP switch can function as a Layer 3 VXLAN gateway in an EVPN-VXLAN centrally-routed bridging overlay (two-layer IP fabric) and an edge-routed bridging overlay (collapsed IP fabric). As a Layer 3 VXLAN gateway, the switch supports these features:

Default gateway function through the configuration of an IRB interface. [See Using a Default Layer 3

•

Gateway to Route Traffic in an EVPN-VXLAN Overlay Network].

Routing of IPv6 data traffic through an EVPN-VXLAN overlay network with an IPv4 underlay. [See

•

Routing IPv6 Data Traffic through an EVPN-VXLAN Network with an IPv4 Underlay.]

EVPN pure Type 5 routes. [See Understanding EVPN Pure Type-5 Routes.]

•

Features supported on EX4650 and QFX5120 switches—Starting with Junos OS Release 19.4R1, the

•

following Junos OS features are supported on EX4650 and QFX5120 switches:

Automatically generated Ethernet segment identifiers (ESIs) in EVPN-VXLAN and EVPN-MPLS networks.

•

[See Understanding Automatically Generated and Assigned ESIs in EVPN Networks.]

Firewall filtering and policing on EVPN-VXLAN traffic.

•

[See Understanding VXLANs and Overview of Firewall Filters.]

Graceful restart on EVPN-VXLAN.

•

[See Graceful Restart in EVPN.]

IGMPv2 snooping for EVPN-VXLAN in a multihomed environment.

•

[See Overview of IGMP Snooping in an EVPN-VXLAN Environment.]

IPv6 data traffic support through an EVPN-VXLAN overlay network.

•

[See Routing IPv6 Data Traffic through an EVPN-VXLAN Network with an IPv4 Underlay.]

Layer 2 and 3 families, encapsulation types, and VXLAN on the same physical interface.

•

[See Understanding Flexible Ethernet Services Support with EVPN-VXLAN.]

MAC limiting, storm control, and port mirroring support in EVPN-VXLAN overlay networks.

•

[See MAC Limiting, Storm Control, and Port Mirroring Support in an EVPN-VXLAN Environment.]

Multihomed proxy advertisement.

•

[See EVPN Multihoming Implementation.]

Selective multicast forwarding and SMET route support in EVPN-VXLAN.

•

[See Overview of Selective Multicast Forwarding.]

Standard class-of-service (CoS) features—classifiers, rewrite rules, and schedulers—are supported on

•

VXLAN interfaces.

[See Understanding CoS on OVSDB-Managed VXLAN Interfaces.]

VMTO for ingress traffic.

•

[See Ingress Virtual Machine Traffic Optimization.]

Exclusion list with MAC pinning in an EVPN network (EX9200 and MX Series)—When you enable

•

mac-pinning on an interface, all MAC addresses that are learned on that interface will be pinned and cannot be relearned on the other interfaces in the EVPN network. Starting in Junos OS Release 19.4R1, you can create a list of MAC addresses that would be excluded from being pinned and the MAC address can be moved and relearned on another interface within the EVPN network. While MAC pinning is configured on the interface, the exclusion list is configured for the device. To create an exclusion list, include a list of MAC addresses with the exclusive-mac parameter at the [edit protocols l2-learning global-mac-move] hierarchy level.

[See Creating exclusion list for MAC Pinning.]

Junos OS XML, API, and Scripting

Python 3 support for commit, event, op, and SNMP scripts (ACX Series, EX Series, MX Series, PTX

•

[See Understanding Python Automation Scripts for Devices Running Junos OS.]

Automation script library upgrades (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX

•

idna (2.8)

•

jinja2 (2.10.1)

•

jnpr.junos (Junos PyEZ) (2.2.0)

•

lxml (4.3.3)

•

markupsafe (1.1.1)

•

ncclient (0.6.4)

•

packaging (19.0)

•

paho.mqtt (1.4.0)

•

pyasn1 (0.4.5)

•

yaml (PyYAML package) (5.1)

•

[See Overview of Python Modules Available on Devices Running Junos OS.]

Junos Telemetry Interface

•

JTI Packet Forwarding Engine and Routing Engine sensor support (EX4300-MP switches)—Starting in Junos OS Release 19.4R1, you can use the Junos Telemetry Interface (JTI) and remote procedure calls (gRPC) to stream statistics from EX4300-MP switches to an outside collector.

The following Routing Engine statistics are supported:

LACP state export

•

Chassis environmentals export

•

Network discovery chassis and components

•

LLDP export and LLDP model

•

BGP peer information (RPD)

•

RPD task memory utilization export

•

Network discovery ARP table state

•

Network discovery NDP table state

•

The following Packet Forwarding Engine statistics are supported:

Congestion and latency monitoring

•

Logical interface

•

Filter

•

Physical interface

•

NPU/LC memory

•

Network discovery NDP table state

•

To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support the Junos Telemetry Interface (JTI).

[See Configuring a Junos Telemetry Interface Sensor (CLI Procedure), Configure a Telemetry Sensor in

Junos and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

•

JTI and OpenConfig support for VLAN sensors (EX4650, QFX5120)—Junos OS Release 19.4R1 supports the export of VLAN statistics using either Junos Telemetry Interface (JTI) services or remote procedure call (gRPC) services. You can export statistics at configurable intervals to an outside collector.

This feature includes OpenConfig support for the data model openconfig-vlan.yang for VLAN configuration version 1.0.2.

Use the following resource paths in a gRPC or gNMI subscription:

/vlans/

•

/vlans/vlan/state/name

•

/vlans/vlan/state/vlan-id

•

/vlans/vlan/state/status

•

/vlans/vlan/members/

•

/vlans/vlan/members/member/interface-ref/state/interface/

•

/vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/interface-mode

•

/vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/native-vlan

•

/vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/access-vlan

•

/vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/trunk-vlan

•

/vlans/vlan/members/member/interface-ref/state/interface/vlan/state/vlan-id

•

Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

[See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

Layer 2 Features

Redundant trunk group support (EX4650 and QFX5120)—Starting with Junos OS Release 19.4R1,

•

EX4650 and QFX5120 switches support redundant trunk group (RTG) links.

[See Redundant Trunk Groups.]

Ethernet ring protection switching (ERPS)(EX4300-MP)—Starting in Junos OS Release 19.4R1, the

•

EX4300-MP supports Ethernet ring protection switching (ERPS) to reliably achieve carrier-class network

requirements for Ethernet topologies forming a closed loop. The ITU-T Recommendation is G.8032 version 1.

ERPS version 1 comprises the following features:

Revertive mode of operation of the Ethernet ring

•

Multiple ring instances on the same interfaces

•

Multiple ring instances on different interfaces

•

Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk

•

groups

[See Ethernet Ring Protection Switching Overview.]

Ethernet ring protection switching (ERPS)(EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1,

•

the EX4650 and QFX5120 support Ethernet ring protection switching (ERPS) to reliably achieve carrier-class network requirements for Ethernet topologies forming a closed loop. The ITU-T Recommendation is G.8032 version 1.

ERPS version 1 comprises the following features:

Revertive mode of operation of the Ethernet ring

•

Multiple ring instances on the same interfaces

•

Multiple ring instances on different interfaces

•

Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk

•

groups

[See Ethernet Ring Protection Switching Overview.]

MPLS

MPLS scaling enhancements (EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1, MPLS

•

scaling is enhanced on EX4650 and QFX5120 switches. For instance, you can increase the scale from its default 1024 to 8192 on QFX5120 switches. This enhancement optimizes and increases the ingress tunnel scale to address the current needs of data center networks either in IP-CLOS or IP over MPLS application spaces.

[See Supported MPLS Scaling Values.]

Multicast

Multicast VLAN registration (MVR) (EX4300-48MP switches and Virtual Chassis)—Starting in Junos

•

OS Release 19.4R1, EX4300 multigigabit (EX4300-48MP) switches and Virtual Chassis support multicast VLAN registration (MVR). MVR efficiently distributes IPTV multicast streams across an Ethernet ring-based Layer 2 network and reduces the bandwidth needed for this traffic. MVR uses a multicast VLAN (MVLAN) as a source VLAN associated with one or more multicast group addresses, and you designate other VLANs as MVR receiver VLANs that have listeners interested in the MVLAN traffic. The device selectively forwards the traffic from source interfaces on the MVLAN to receiver interfaces that are on the MVR receiver VLANs (but not on the MVLAN).

[See Understanding Multicast VLAN Registration.]

Operation, Administration, and Maintenance (OAM)

Ethernet CFM support (EX4300-MP switches)—Starting with Junos OS Release 19.4R1, the EX4300-MP

•

switch supports Ethernet connectivity fault management (CFM). You can use Ethernet CFM to:

Monitor faults, using the continuity check messages (CCM) protocol to discover and maintain adjacencies

•

at the VLAN or link level.

Discover paths and verify faults, using the linktrace protocol to map the path taken to a destination

•

MAC address.

Isolate faults, using loopback messages, and troubleshoot.

•

You configure Ethernet CFM using the set protocols oam ethernet connectivity-fault-management command, and verify the configuration using the show oam ethernet connectivity-fault-management command.

Support for Ethernet CFM (EX4650)—Starting with Junos OS Release 19.4R1, the EX4650 switch

•

supports Ethernet connectivity fault management (CFM). You can use Ethernet CFM to:

Monitor faults, using the continuity check messages (CCMs) to discover and maintain adjacencies at

•

the VLAN or link level.

Discover paths and verify faults, using the Link Trace protocol to map the path taken to a destination

•

MAC address.

Isolate and troubleshoot faults, using loopback messages.

•

NOTE: Only down maintenance association end points (MEPs) are supported in CFM.

You configure Ethernet CFM using the set protocols oam ethernet connectivity-fault-management command, and verify the configuration using the show oam ethernet connectivity-fault-management command.

[See Understanding Ethernet OAM Connectivity Fault Management for Switches.]

Support for LFM (EX4650)—Starting with Junos OS Release 19.4R1, the EX4650 switch supports OAM

•

link fault management (LFM). You can configure OAM LFM on point-to-point Ethernet links that are connected directly or through Ethernet repeaters, and on aggregated Ethernet interfaces. The LFM status of individual links determines the LFM status of the aggregated Ethernet interface. The EX4650 supports the following OAM LFM features:

Discovery and link monitoring

•

Remote fault detection

•

Remote loopback

•

[See IEEE 802.3ah OAM Link-Fault Management Overview.]

Port Security

Stateless address autoconfiguration (SLAAC) snooping (EX4300-48MP)—Starting in Junos OS Release

•

19.4R1, the EX4300-48MP switch supports Stateless address auto configuration (SLAAC) snooping. The switch validates IPv6 clients that use SLAAC for dynamic address assignment against the SLAAC snooping binding table before allowing the clients access to the network.

[See IPv6 Stateless Address Auto-configuration (SLAAC) Snooping.]

Untrusted mode on trunk interfaces for DHCP security (EX4300-48MP)—Starting in Junos OS Release

•

19.4R1, you can configure a trunk interface as untrusted for DHCP security features on EX4300-48MP switches. Trunk interfaces in untrusted mode support DHCP snooping and DHCPv6 snooping, dynamic ARP inspection (DAI), and IPv6 neighbor discovery inspection.

[See Understanding Trusted and Untrusted Ports.]

MACsec license enforcement (EX4300-48MP)—Starting in Junos OS Release 19.4R1, you must install

•

a Media Access Security (MACsec) feature license if you want MACsec functionality on your EX4300-48MP switch. If the MACsec license is not installed, MACsec functionality cannot be activated. You add the MACsec license using the request system license add command.

[See Understanding Media Access Control Security (MACsec).]

Routing Policy and Firewall Filters

Firewall filter support on IPv6 egress interfaces (EX4300-48MP)—Starting in Junos OS Release 19.4R1,

•

you can configure a firewall filter on an IPv6 egress interface to match the specified IPv6 source or destination addresses, for example, to protect a third-party device connected to the switch.

[See eracl-ip6-match and Configuring an Egress Filter Based on IPv6 Source or Destination IP Addresses.]

System Logging

Improved intermodule communication between FFP and MGD (ACX Series, EX Series, MX Series, PTX

•

Additional information is now logged for MGD-FFP intermodule communication.

•

Commit errors that previously were only shown onscreen are now logged.

•

We provide a new operational command, request debug information, to speed up the initial information-gathering phase of debugging.

[See request debug information.]

System Management

Change status LED for network port to chassis beacon light (EX2300, EX2300 Virtual Chassis, EX3400,

•

EX3400 Virtual Chassis)—By default, when a network port and its associated link are active, the status LED for that port blinks green 8 times per second. Starting in Junos OS Release 19.4R1, you can use the request chassis beacon command to slow down the current blinking rate to 2 blinks per second. The slower-blinking and steadier green light acts as a beacon that leads you to an EX2300 or EX3400 switch or a particular port in a busy lab.

Using options with the request chassis beacon command, you can do the following for one or all network port status LEDs on a specified FPC):

Turn on the beacon light for:

•

5 minutes (default)

•

A specified number of minutes (1 through 120)

•

Turn off the beacon light:

•

Immediately

•

After a specified number of minutes (1 through 120)

•

After the beacon light is turned off, the blinking rate for the network port’s status LED returns to 8 blinks per second.

[See request chassis beacon.]

User Interface and Configuration

Support for configuring the ephemeral database using the NETCONF and Junos XML protocols

•

(EX4300-48MP, EX9251, and EX9253 switches)—Starting in Junos OS Release 19.4R1, NETCONF and Junos XML protocol client applications can configure the ephemeral configuration database on EX4300-48MP, EX9251, and EX9253 switches. The ephemeral database provides a fast programmatic interface that enables multiple clients to simultaneously load and commit configuration changes on a device running Junos OS and with significantly greater throughput than when committing data to the candidate configuration database. The device’s active configuration is a merged view of the committed configuration database and the configuration data in all instances of the ephemeral configuration database.

[See Understanding the Ephemeral Configuration Database.]

SEE ALSO

What's Changed | 47

Known Limitations | 50

Open Issues | 51

Resolved Issues | 54

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

What's Changed

IN THIS SECTION

What's Changed in 19.4R3 | 48

What's Changed in 19.4R2 | 48

What's Changed in 19.4R1 | 49

Learn about what changed in Junos OS main and maintenance releases for EX Series.

What's Changed in 19.4R3

Routing Protocols

Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX

•

Juniper Extension Toolkit (JET)

Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX

•

Series, SRX Series)—You can set the verbosity of the trace log to only show error messages using the error option at the [edit system services extension-service traceoptions level] hierarchy.

[See traceoptions (Services).]

What's Changed in 19.4R2

Class of Service (CoS)

We’ve corrected the output of the show class-of-service interface | display xml command. The output

•

is of the following sort: <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container> will now appear correctly as <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3></container> <container> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container>.

General Routing

Support for full inheritance paths of configuration groups to be built into the database by default (EX

•

Series and QFX Series)—Starting with Junos OS Release 19.4R2, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To disable this option, use no-persist-groups-inheritance.

[See commit (System).]

LLDP ON_CHANGE statistics support with JTI (ACX Series, EX Series, MX Series, PTX Series, QFX

•

Series, SRX Series)—Enhanced telemetry ON_CHANGE event support provides the following LLDP attributes: - When LLDP is enabled on interfaces, LLDP interface counters are notified along with other interface-level attributes. - ON_CHANGE event reports LLDP neighbor age and custom TLVs, as well as when a neighbor is initially discovered

See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).

Multicast

Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the

•

QFX5000 line of switches)—Starting in Junos OS Release 19.4R2, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps, pps, and packets do not provide valid statistics for multicast traffic at Layer 2.

[See show multicast snooping route.]

Routing Protocols

Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX

•

What's Changed in 19.4R1

Interfaces and Chassis

Logical Interface is created along with physical interface by default (MX Series, QFX Series, EX

•

Series)—Starting in Junos OS Release 19.4R1, logical interfaces are created on ge, et, and xe interfaces along with the physical interface, by default. In earlier Junos OS releases, by default, only physical interfaces are created.

For example, for ge interfaces, previously when you viewed the show interfaces command, by default, only the physical interface (ge-0/0/0), was displayed. Now, the logical interface (ge-0/0/0.16386) is also displayed.

Routing Protocols

XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX

•

Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release

[See show bgp output-scheduler.]

SEE ALSO

What's New | 37

Known Limitations | 50

Open Issues | 51

Resolved Issues | 54

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

Known Limitations

IN THIS SECTION

Platform and Infrastructure | 50

Learn about known limitations in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Platform and Infrastructure

The following error message might appear: Failed to complete DFE tuning. This error message has no

•

functional impact and can be ignored. PR1473280

Because of storage issue ZTP functionality fails. Follow the methods given in the Knowledge Base to

•

clean up the storage space as cleanup packages os-package.tgz and package-hooks-ex.tgz are not present in Junos OS Release 19.4X. PR1497123

SEE ALSO

What's New | 37

What's Changed | 47

Open Issues | 51

Resolved Issues | 54

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

Open Issues

IN THIS SECTION

Infrastructure | 51

Interfaces and Chassis | 52

Layer 2 Features | 52

Platform and Infrastructure | 52

Routing Protocols | 53

Virtual Chassis | 54

Learn about open issues in Junos OS Release 19.4R3 for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Infrastructure

When xSTP/RTG is not configured in the network and there is a traffic loop, after the network loop is

•

broken, sometimes MAC address learning might not happen. As a workaround, restart the PFEM.

PR473454

On EX Series switches, if you are configuring a large-scale number of firewall filters on some interfaces,

•

the FPC might crash and generate core files. PR1434927

On an EX9251 switch, IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151)

•

error message is observed continuously in AD with base configurations. PR1485038

OID ifOutDiscards reports zero and sometimes shows a valid value. PR1522561

•

Interfaces and Chassis

After GRES, the VSTP port cost on aggregated Ethernet interfaces might get changed, leading to a

•

topology change. PR1174213

Layer 2 Features

GARP error message DND_ANUPAM_JUNE_10_client eswd[1203]: vlan_interface_admin_up: vif ifl flags

•

0xc000 is generated when there is a deletion or addition of MAC address in the FDB. PR1192520

Platform and Infrastructure

On an EX2300 switch, the output of the show chassis routing-engine command might display an incorrect

•

value of Router rebooted after a normal shutdown for the last reboot reason field. PR1331264

When VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter is

•

not installed. PR1362609

Scale of 150 VRRP is not tested before; there are no issues observed for 100 VRRP groups. At the higher

•

scale, there are no drops but traffic gets flooded for groups beyond 100. PR1371520

On an EX9208 switch, a few xe- interfaces go down with the following error message:

•

if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840

On EX Series platforms, the DHCP/PPP subscribers might fail to bind. The reason is that when you install

•

a new software image, its shared memory (created by the previously running image) might not be cleared out. The issue persists until the previous values in the shared memory are removed and the daemons affected by the data in the shared memory continue generating core files. Thus they will not be able to function properly. PR1396470

On EX Series platforms, unicast RPF check in strict mode might not work properly. PR1417546

•

When the chassisd process receives incorrect values from LCMD for the RPM values, the fan status

•

changes to Failed from OK, and vice versa. PR1417839

The runt counter never incremented in the output of the show interface x/x/x extensive command when

•

a runt packet with less than 64 Bytes frame size is received. The packet will be dropped as expected.

PR1419724

On the EX9208 devices, traffic loss is observed if ingress and egress ports are in different FPCs.

•

PR1429714

The EX4300-48MP switch cannot learn MAC address through some access ports that are directly

•

connected to a host when autonegotiation is used. PR1430109

On the EX9214 switch, if the MACsec-enabled link flaps after reboot, the error errorlib_set_error_log():

•

err_id(-1718026239) is observed. PR1448368

On EX9208 switches, 33 percent degradation in MAC learning rate is observed in Junos OS Release

•

19.3R1 while comparing with Junos OS Release 18.4R1. PR1450729

In overall commit time, the evaluation of mustd constraints is taking 2 seconds more than usual. This is

•

because the persist-group-inheritance feature has been made as a default feature in the latest Junos OS releases. Eventually, this feature helps improve the subsequent commit times for scaled configurations significantly. The persist-group-inheritance feature is useful in customer scenarios where groups and nested groups are used extensively. In those scenarios, the group inheritance paths are not built every time, thus subsequent commits are faster. PR1457939

On EX2300 and EX3400 platforms, when doing an upgrading operation, as image size grows over a

•

period of time and subsequently storage is insufficient to install images, the upgrade might fail with the error message not enough space to unpack. PR1464808

On an EX9214, while verifying the last-change op-state value through XML, rpc-reply message is

•

inappropriate. PR1492449

On the EX4300-48MP and EX4300 Virtual Chassis, if the LAG interface with member interfaces of 40G

•

or 100G is configured across the master and the standby FPCs of the Virtual Chassis, the OSPF configured on the IRB interface over this LAG might be stuck in ExStart state. The issue impacts the establishment of the OSPF neighbor. PR1498903

On EX4300-48MP platforms with multi-rate gigabit ethernet (mge) interfaces, if a mge interface which

•

is located within port range 24-47 is connected with some specific devices (for example: a bypass module from DELL), when the far end of the link goes down, the mge interface might still stay up. It leads to traffic drop when sending traffic through the affected link. PR1502467

A 35-second delay is added in reboot time from Junos OS Release 20.2R1 compared to Junos OS Release

•

19.4R2. PR1514364

LLDP might not work on non-aggregated Ethernet interfaces. PR1538401

•

In Junos fusion, l2cpd core file might be generated upon deactivating and activating chassis

•

satellite-management multiple times. PR1545310

Routing Protocols

On EX9251 platform, ECDSA256+SHA256 is not used for software integrity checking because of issue

•

with FIPS mode and telnet to device does not work. PR1504211

On EX4300 platforms, OSPFv3 configured with IPsec authentication, the OSPFv3 adjacency is not

•

established after device reboot. PR1525870

Virtual Chassis

EX4650 switches generate the following messages during booting:

•

bcmsdk_5_9_x kldKLD bcmsdk_5_9_x.ko: depends on acb - not available or version mismatch

linker_load_file: Unsupported file type

kldload: an error occurred while loading the module

This message does not have any effect on the feature or functionality. PR1527170

SEE ALSO

What's New | 37

What's Changed | 47

Known Limitations | 50

Resolved Issues | 54

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

Resolved Issues

IN THIS SECTION

Resolved Issues: 19.4R3 | 55

Resolved Issues: 19.4R2 | 57

Resolved Issues: 19.4R1 | 60

Learn which issues were resolved in Junos OS main and maintenance releases for EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.4R3

Authentication and Access Control

On the EX4600 and EX4300 switches, MAC entry is not present in the Ethernet Switching table for the

•

MAC-RADIUS client in a server fail scenario when tagged traffic is sent for the second client. PR1462479

The authd process might have memory leak in dot1x scenario with RADIUS authentication. PR1503117

•

On the EX2300-48MP switch, authentication failure might occur on the captive portal. PR1504818

•

The Junos OS event DOT1XD_AUTH_SESSION_DELETED might not be triggered with a single supplicant

•

mode. PR1512724

The dot1x client will not be moved to the hold state when the authenticated PVLAN is deleted.

•

PR1516341

EVPN

The l2ald memory leak might be observed in any EVPN scenario. PR1498023

•

The VXLAN function might be broken due to a timing issue. PR1502357

•

Unable to create a new VTEP interface. PR1520078

•

Infrastructure

The fxpc process might crash when configuring scaled configuration with 4093 VLANs. PR1493121

•

The IP communication between directly connected interfaces on the EX4600 switch might fail. PR1515689

•

Interfaces and Chassis

A stale IP address might be seen after a specific order of configuration changes under logical-systems

•

scenario. PR1477084

Traffic over MC-LAG drops because the next-hop points ICL link instead of MC-LAG. PR1486919

•

Layer 2 Features

On EX4650 switches with Q-in-Q, the third VLAN tag is not pushed onto the stack and SWAP is being

•

done instead. PR1469149

Traffic imbalance might be observed on EX4600 switches if hash-params is not configured. PR1514793

•

MAC address in hardware table might become out of sync between master and member in Virtual Chassis

•

after MAC flap. PR1521324

Platform and Infrastructure

Virtual Chassis split is seen after the network topology is changed. PR1427075

•

On the EX4600 switch, traffic loss might be seen with framing errors or runts if MACsec is configured.

•

PR1469663

On the EX4600 switch, DSCP marking might not work as expected if the fixed classifiers are applied to

•

interfaces. PR1472771

MAC learning under bridge domain stops after MC-LAG interface flaps. PR1488251

•

On EX2300 switches, high CPU load due to receipt of specific multicast packets on Layer 2 interface.

•

PR1491905

IPv6 neighbor solicitation packets might be dropped in a transit device. PR1493212

•

Packets get dropped when the next hop is IRB over LT-interface. PR1494594

•

On the EX4300 switch, the NSSU upgrade might fail due to a storage issue in the /var/tmp directory.

•

PR1494963

High CPU load due to receipt of specific IPv4 packets. PR1495129

•

The fxpc process might crash when renumbering the master member ID value of the EX2300 and EX3400

•

Virtual Chassis. PR1497523

Outbound SSH connection flap or memory leak issue might be observed when pushing configuration

•

to ephemeral database with high rate. PR1497575

Traffic might get dropped if aggregated Ethernet member interface is deleted and then added or a SFP

•

of the aggregated Ethernet member interface is unplugged or plugged. PR1497993

Firewall filter might not get applied on EX4600 switches. PR1499647

•

On the EX4300, EX3400, and EX2300 Virtual Chassis with NSB and xSTP enabled, the continuous traffic

•

loss might be observed while doing GRES. PR1500783

On the EX4300 switch, traffic loss might be seen with framing errors or runts if MACsec is configured.

•

PR1502726

LLDP packets are not acquired when native-vlan-id configured is the same as tagged vlan-id. PR1504354

•

The isolated VLAN from the RADIUS server is not deleted when the interface flaps. PR1506427

•

The output VLAN push might not work. PR1510629

•

LLDP might not work when PVLAN is configured on EX Series Virtual Chassis. PR1511073

•

On EX4300 switches, LACP goes down after performing Routing Engine switchover if the MACsec is

•

enabled on the LAG members. PR1513319

Last commit line in configuration is updated after the backup configuration has been done. PR1513499

•

The 100M SFP-FX is not supported on satellite device in Junos fusion setup. PR1514146

•

The "dot1x" memory leak is observed. PR1515972

•

The dcpfe process might crash because of memory leak. PR1517030

•

On EX4300 switches, redirected IP traffic is being duplicated. PR1518929

•

MPPE-Send/Recv-key attribute is not extracted correctly by dot1xd. PR1522469

•

The show interface extensive output Drops and Dropped Packets counters are double counting.

•

PR1525373

Routing Protocols

The FPC process goes to the NotPrsnt state after upgrading the QFX5100 Virtual Chassis and Virtual

•

Chassis Fabric. PR1485612

The BGP route-target family might prevent the route reflector from reflecting Layer 2 VPN and Layer

•

3 VPN routes. PR1492743

On EX4300-MP and EX4600 switches, high CPU load due to receipt of specific Layer 2 frames in

•

EVPN-VXLAN deployment and specific Layer 2 frames when deployed in a Virtual Chassis configuration.

PR1495890

Firewall filter could not work in certain conditions in a Virtual Chassis setup. PR1497133

•

The rpd process might report 100 percent CPU usage with BGP route damping enabled. PR1514635

•

Packet loss might be observed while verifying traffic from access to core network for IPv4 and IPv6

•

interfaces. PR1520059

User Interface and Configuration

Installing J-Web application package might fail on the EX2300 and EX3400 switches. PR1513612

•

J-Web does not display the correct flow-control status on EX Series devices. PR1520246

•

Resolved Issues: 19.4R2

Class of Service (CoS)

Shaping does not work after the reboot if shaping-rate is configured. PR1432078

•

The traffic is placed in network-control queue on an extended port even if it comes in with a different

•

DSCP marking. PR1433252

EVPN

The ESI of IRB interfaces does not update after an autonomous-system number change if the interface

•

is down. PR1482790

Forwarding and Sampling

Type 1 ESI/AD route might not be generated locally on an EVPN PE device in all-active mode. PR1464778

•

General Routing

The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

•

IRB over VTEP unicast traffic might get dropped on EX9200 platforms. PR1436924

•

The MAC pause frames will increment in the receive direction if half-duplex mode on 10-Mbps or

•

100-Mbps speed is configured. PR1452209

Link-up delay and traffic drop might be seen on mixed service provider Layer 2 or Layer 3 type and

•

enterprise style Layer 2 type configurations. PR1456336

MAC addresses learned on an RTG might not be aged out after the aging time. PR1461293

•

The RTG link is nearly 20 seconds down when the backup node is rebooting. PR1461554

•

On EX Series switches with ELS, some command lines to disable MAC learning are not working.

•

PR1464797

The jdhcpd might consume high CPU and no further subscribers can be brought up if there are more

•

than 4000 DHCP relay clients in the MAC move scenario. PR1465277

The MAC move message might have an incorrect from interface when rapid MAC moves happen.

•

PR1467459

FPCs might get disconnected from the EX3400 Virtual Chassis briefly after image upgrade or reboot.

•

PR1467707

Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

•

SSH session closes while you check for the show configuration | display set command for both local and

•

non-local users. PR1470695

EX3400 is advertising only 100 Mbps when configured with 100-Mbps speed with autonegotiation

•

enabled. PR1471931

The shaping of CoS does not work after reboot. PR1472223

•

CoS 802.1p bits rewrite might not happen in Q-in-Q mode. PR1472350

•

The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685

•

On EX4300 switches, the output of the show security macsec statisitics command shows incorrect high

•

values. PR1476719

The dhcpd process might crash in a Junos fusion environment. PR1478375

•

Core files are generated at cassis_alloc_list_timed_free in cassis_free_thread_entry. PR1478392

•

TFTP installation from the loader prompt might not succeed on the EX Series switches. PR1480348

•

ARP request packets for unknown hosts might get dropped in the remote PE device in an EVPN-VXLAN

•

scenario. PR1480776

On EX2300, SNMP traps are not generated when the MAC addresses limit is reached. PR1482709

•

DHCP binding fails while verifying DHCPv4 snooping fucntionality in a private VLAN with a firewall to

•

block or allow certain IPv4 packets. PR1490689

Traffic loss might be seen under MC-LAG scenario on EX4650. PR1494507

•

Infrastructure

Continuous dcpfe error messages and eventd process hog might be seen in an EX2300 Virtual Chassis

•

scenario. PR1474808

Kernel core file might be generated if you deactivate daemon on EX2300 and EX3400 platforms.

•

PR1483644

Interfaces and Chassis

Executing commit might hang because of a stuck dcd process. PR1470622

•

Junos Fusion for Enterprise

The SDPD generates core files at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry.

•

PR1454335

Loop detection might not work on extended ports in a Junos fusion scenario. PR1460209

•

Junos Fusion Satellite Software

Temperature sensor alarms are seen on EX4300 switches in a Junos fusion scenario. PR1466324

•

Layer 2 Features

The LLDP function might fail when a Juniper Networks device connects to a non-Juniper device.

•

PR1462171

Traffic might be affected if composite next hop is enabled. PR1474142

•

Layer 2 Ethernet Services

Member links state might be asychronized on a connection between a PE device and a CE device in an

•

EVPN A/A scenario. PR1463791

Confirm and reply packets might not get processed correctly because of issues with DHCPv6 relay

•

processing. PR1496220

MPLS

BGP session might keep flapping between two directly connected BGP peers because of the incorrect

•

usage of the TCP-MSS. PR1493431

Platform and Infrastructure

The IRB traffic might drop after a mastership switchover. PR1453025

•

The OSPF neighbor might go down when mDNS or PTP traffic is received at a rate higher than 1400

•

pps. PR1459210

Traffic loss might be observed for more than 20 seconds when performing NSSU on EX4300 Virtual

•

Chassis. PR1461983

IGMP reports are dropped with mixed enterprise/SP configuration styles on EX4300 switches.PR1466075

•

The switch might not be able to learn MAC addresses with dot1x and interface-mac-limit configured.

•

PR1470424

On an EX4300, the input firewall filter attached to isolated or community VLANs is not matching dot1p

•

bits on the VLAN header. PR1478240

The traffic destined to a VRRP VIP might be dropped after the IRB interface is disabled on the initial

•

VRRP master. PR1491348

Routing Protocols

BGP IPv4 or IPv6 convergence and RIB install or delete time degraded in Junos OS Releases 19.1R1,

•

19.2R1, 19.3R1, and 19.4R1. PR1414121

The MUX state in an LACP interface does not go to collecting and distributing and remains attached

•

after enabling the aggregated Ethernet interface. PR1484523

FPC might go to "NotPrsnt" state after upgrading with non-tvp image in Virtual Chassis or Virtual Chassis

•

Fabric setup. PR1485612

User Interface and Configuration

The umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device

•

busy message is seen when Junos OS is upgraded with the validate option. PR1478291

Virtual Chassis

Disabling one of the VCP ports might result in other VCP port to flap. PR1469257

•

Resolved Issues: 19.4R1

Authentication and Access Control

After rebooting the preloaded box, the SSL certificate is not displayed. PR1431086

•

EVPN

In EVPN scenario, the IRB logical interface might not come up when the local Layer 2 interface is down.

•

PR1436207

ARP request or Neighbor Solicitation (NS) message might be sent back to the local segment by the DF

•

router. PR1459830

The rpd might crash after changing EVPN related configuration. PR1467309

•

General Routing

On the EX3400, when me0 ports are connected between two EX3400 switches, the link does not come

•

up. PR1351757

Transit OSPF traffic over Q-in-Q tunneling might be dropped if a firewall filter is applied to the Lo0

•

interface. PR1355111

The l2ald process might crash and generate a core file on EX2300 Virtual Chassis when converted a

•

trunk port is converted to a dot1x access port with tagged traffic flowing. PR1362587

The interface on the failed member FPC of EX2300 and EX3400 Virtual Chassis might stay up for 120

•

seconds. PR1422507

IPv6 multicast traffic received on one Virtual Chassis member might be dropped when egressing on

•

another Virtual Chassis member if MLD snooping is enabled. PR1423310

MAC addresses overlaps between different switches. PR1425123

•

The delay in transmission of BPDUs after GRES might result in loss of traffic on EX2300 and EX3400

•

Virtual Chassis. PR1428935

Erroneous log messages and chassis environment output related to the fan tray in EX4300MP and

•

EX4300-48P Virtual Chassis. PR1431263

The l2cpd process might crash and generate a core file when interfaces flap. PR1431355

•

Packet drop might be seen if native VLAN is configured along with flexible VLAN tagging. PR1434646

•

Micro BFD session might flap upon inserting a QSFP to other port. PR1435221

•

The mc-ae interface might get stuck in waiting state in a dual mc-ae scenario. PR1435874

•

Commit check error for VSTP on the EX9200 line of switches xSTP:Trying to configure too many

•

interfaces for given protocol. PR1438195

LED turns on even after the Virtual Chassis members are powered off. PR1438252

•

The DHCP snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351

•

The rpd process might generate a core file when the router boots up because of a file pointer issue

•

because there are two code paths that can close the file. PR1438597

The dot1x might not work when captive-port is also configured on the interface on the backup or

•

nonmaster FPC. PR1439200

DHCPv6 relay binding is not up while verifying DHCP snooping along with DHCPv6 relay. PR1439844

•

EX4600 Virtual Chassis does not come up after replacing the Virtual Chassis port from fiber connection

•

to DAC cable. PR1440062

CPU might hang or interface might get stuck on a particular 100-Gigabit Ethernet port on EX Series

•

switches. PR1440526

MAC addresses learned on RTG might not be aged out after a Virtual Chassis member is rebooted.

•

PR1440574

Clients in isolated VLAN might not get IP addresses after completing authentication when both

•

dhcp-security and dot1x are configured. PR1442078

On the EX3400, the fan alarm Fan X not spinning appears and disappears repeatedly after the fan tray

•

is removed. PR1442134

The rpd might crash when the BGP sends a notification message. PR1442786

•

DHCPv6 client might fail to get an IP address. PR1442867

•

Non-designated port does not move to the backup port role. PR1443489

•

The /var/host/motd does not exist message is flooded every 5 seconds in chassisd logs. PR1444903

•

On the EX4300-MP, the following log messages is generated continuously: rpd[6550]: task_connect:

•

task AGENTD I/O.128.0.0.1+9500 addr 128.0.0.1+9500: Connection refused. PR1445618

On the EX3400 dot1xd core file is found at macsec_update_intf macsec_destroy_ca. PR1445764

•

Major alarm log messages for temperature conditions are generated for the EX4600 at 56 degrees

•

Celsius. PR1446363

Traffic might be dropped when a firewall filter rule uses 'then vlan' as the action in a Virtual Chassis

•

scenario. PR1446844

The phone-home feature might fail on EX3400 switches because sysctl cannot read the device serial

•

number. PR1447291

On EX3400, Virtual Chassis might hang when a disk error occurs. PR1447853

•

Unicast ARP requests do not receive a reply with the no-arp-trap option. PR1448071

•

On EX3400, IPv6 routes received through BGP do not show the correct age time. PR1449305

•

Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for

•

ingress traffic. PR1449568

DHCP snooping static binding does not take effect after deleting and readding the entries. PR1451688

•

The l2ald and eventd processes are hogging 100 percent after issuing the clear ethernet-switching table

•

command. PR1452738

Configuration change in the VLAN all option might affect the per-VLAN configuration. PR1453505

•

Version compare in PHC might fail and the same image might be downloaded. PR1453535

•

Packet drops might be seen after removing and reinserting the SFP transceiver of the 40-Gigabit Ethernet

•

uplink module ports. PR1456039

Syslog message Timeout connecting to peer database-replication is generated when the command show

•

version detail is issued. PR1457284

SNMP trap messages are generated after an upgrade even though the temperature is within the system

•

thresholds. PR1457456

The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic

•

VoIP VLAN assignment is used. PR1458559

The fxpc process might crash because the BGP IPv6 session flaps. PR1459759

•

Storage space limitation leads to image installation failure when the phone-home client is used on EX2300

•

and EX3400 devices. PR1460087

Configure any combination of VLANs and interfaces under VSTP/MSTP might cause VSTP/MSTP related

•

configuration cannot be committed. PR1463251

The Virtual Chassis function might brake after an upgrade on EX2300 and EX3400 devices. PR1463635

•

On the EX2300, FXPC core file is generated after mastership election based on user priority. PR1465526

•

Infrastructure

The operations on the console might not work if the system ports console log-out-on-disconnect

•

statement is configured. PR1433224

The recovery snapshot cannot be created after system zeroization. PR1439189

•

On EX4300 CLI configuration on-disk-failure is not supported in Junos OS Release 18.2R3-S2. PR1450093

•

Certain EX Series platforms might generate VM core files by panic and reboot. PR1456668

•

Error messages related to soft reset of port because the queue buffers are stuck might be seen on

•

EX4600-EX4300 VC. PR1462106

The traffic is dropped on EX4300-48MP device acting as a leaf in Layer 2 IP fabric EVPN VXLAN

•

environment. PR1463318

Interfaces and Chassis

VRRP-V6 state flaps with init and idle states after configuring vlan-tagging. PR1445370

•

The traffic might be forwarded to incorrect interfaces in MC-LAG scenario. PR1465077

•

Junos Fusion Enterprise

Reachability issue of the host connected to the SD might be affected in a Junos Fusion Enterprise

•

environment with EX9200 Series devices as AD. PR1447873

Junos Fusion Satellite Software

The dpd might crash on satellite devices in a Junos Fusion Enterprise environment. PR1460607

•

J-Web

Some error messages might be seen when using J-Web. PR1446081

•

Layer 2 Ethernet Services

The jdhcpd_era log files constantly consume 121M of space out of 170M, resulting in a full file system

•

and affecting traffic. PR1431201

DHCP request might get dropped in DHCP relay scenario. PR1435039

•

On EX9200, the DHCP relay strips the 'GIADDR' field in messages towards the DHCP clients. PR1443516

•

Layer 2 Features

Ethernet Ring Protection Switching (ERPS) nodes might not converge to IDLE state after failure recovery

•

or reboot. PR1431262

The MAC/ARP learning might not work for copper base SFP-T on EX4600. PR1437577

•

The fxpc core files might be generated when committing the configuration. PR1467763

•

Platform and Infrastructure

LACP DDoS policer is incorrectly triggered by other protocols traffic on all EX92XX Series platforms.

•

PR1409626

Over temperature SNMP trap is generated incorrectly for LC (EX4300-48P) based on master Routing

•

Engine (EX4300-48MP) temperature threshold value. PR1419300

Packet drops, replication failure, or ksyncd crash might be seen on the logical system of a Junos OS

•

device after Routing Engine switchover. PR1427842

IPv6 traffic might be dropped when static /64 IPv6 routes are configured. PR1427866

•

Unicast ARP requests are not replied to with no-arp-trap option. PR1429964

•

The device might not be accessible after the upgrade. PR1435173

•

The FPC/pfex might crash due to DMA buffer leaking. PR1436642

•

The laser TX might be enabled while the interface is disabled. PR1445626

•

The PoE might not work after upgrading the PoE firmware on EX4300 platforms. PR1446915

•

The firewall filters might not be created due to TCAM issues. PR1447012

•

NSSU causes traffic loss again after the backup to master transitions. PR1448607

•

On certain MPC line cards, cm errors need to be reclassified. PR1449427

•

The REST service might become nonresponsive when the REST API receives several continuous HTTP

•

requests. PR1449987

The traffic for some VLANs might not be forwarded when vlan-id-list is configured. PR1456879

•

ERP might not revert to idle state after reload or reboot of multiple switches. PR1461434

•

Routing Protocols

Host-destined packets with filter log action might not reach to the Routing Engine if log/syslog is enabled.

•

PR1379718

On EX9208, BGP IPv4/IPv6 convergence and RIB install/delete time is degraded in Junos OS Releases

•

19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

The fxpc core file might be generated during the reboot of EX4600 switches. PR1432023

•

Error message RPD_DYN_CFG_GET_PROF_NAME_FAILED: Get profile name for session XXX failed:

•

-7 might be seen in syslog after restarting the routing daemon. PR1439514

Traffic might be dropped after the Q-in-Q enabled interface flaps or a change is made to the vlan-id-list.

•

PR1441402

IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507

•

Junos OS BFD sessions with authentication flaps after a certain time. PR1448649

•

Loopback address exported into other VRF instance might not work on EX Series platforms. PR1449410

•

MPLS LDP might still use stale MAC of the neighbor even when the LDP neighbor's MAC changes.

•

PR1451217

Changing "other querier present interval" timer is not working on IGMP/MLD snooping device in the

•

existing bridge domain (BD) or listener domain (LD). PR1461590

User Interface and Configuration

EX4600 switches are unable to commit baseline configuration after zeroization. PR1426341

•

Problem with access to J-Web after updating from Junos OS Release 18.2R2 to 18.2R3. PR1454150

•

Virtual Chassis

Current MAC address might change after deleting one of the multiple Layer 3 interfaces. PR1449206

•

SEE ALSO

What's New | 37

What's Changed | 47

Known Limitations | 50

Open Issues | 51

Documentation Updates | 65

Migration, Upgrade, and Downgrade Instructions | 66

Documentation Updates

IN THIS SECTION

Feature Guides Are Renamed As User Guides | 66

This section lists the errata and changes in Junos OS Release 19.4R3 for the EX Series switches documentation.

Feature Guides Are Renamed As User Guides

Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the

•

SEE ALSO

What's New | 37

What's Changed | 47

Known Limitations | 50

Open Issues | 51

Resolved Issues | 54

Migration, Upgrade, and Downgrade Instructions | 66

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Upgrade and Downgrade Support Policy for Junos OS Releases | 66

This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

For more information about EEOL releases and to review a list of EEOL releases, see

https://support.juniper.net/support/eol/software/junos/.

SEE ALSO

What's New | 37

What's Changed | 47

Known Limitations | 50

Open Issues | 51

Resolved Issues | 54

Documentation Updates | 65

Junos OS Release Notes for JRR Series

IN THIS SECTION

What's New | 68

What's Changed | 69

Known Limitations | 70

Open Issues | 70

Resolved Issues | 71

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

These release notes accompany Junos OS Release 19.4R3 for JRR Series. They describe new and changed features, limitations, and known and resolved problems in the hardware.

You can find these release notes on the Juniper Networks Junos OS Documentation webpage, located at

https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION

What’s New in 19.4R3 Release | 68

What’s New in 19.4R2 Release | 68

What’s New in 19.4R1 Release | 68

Learn about new features introduced in the Junos OS main release and the maintenance releases for JRR Series.

What’s New in 19.4R3 Release

There are no new features or enhancements to existing features for JRR Series in Junos OS Release

•

19.4R3.

What’s New in 19.4R2 Release

There are no new features or enhancements to existing features for JRR Series in Junos OS Release

•

19.4R2.

What’s New in 19.4R1 Release

Hardware

JRR200 Route Reflector—Starting with Junos OS Release 19.4R1, JRR200 Route Reflector a 1U form

•

factor appliance with a multicore x86 CPU and preinstalled vRR software that can host one route reflector instance is available. JRR200 is suitable for large enterprises, data centers and service providers for hosting vRR software to scale up to 30 million routing information base (RIB) entries. The JRR200 route reflector comes with eight 1/10 Gigabit Ethernet SFP+ ports, 64 GB of DDR4 memory, and two 240 GB solid-state drives (SSDs) in a RAID1 configuration. It is available in both AC and DC

models which support Zero Touch Provisioning mode (ZTP) to ensure seamless insertion into the network and provide operational simplicity.

[See JRR200 Route Reflector Hardware Guide and JRR200 Route Reflector Quick Start]

ZTP Support for JRR200 Route Reflector—Starting in Junos OS Release 19.4R1, ZTP can automate the

•

provisioning of the device configuration and software image on JRR200 Route Reflector. ZTP supports self image upgrades and automatic configuration updates using ZTP DHCP options. In this release, ZTP supports revenue ports em2 thru em9, in addition to management port em0 which is supported in Junos OS Releases before 19.4R1.

[See Zero Touch Provisioning.]

SEE ALSO

What's Changed | 69

Known Limitations | 70

Open Issues | 70

Resolved Issues | 71

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

What's Changed

There are no changes in behavior and syntax for JRR Series in Junos OS Release 19.4R3.

SEE ALSO

What's New | 68

Known Limitations | 70

Open Issues | 70

Resolved Issues | 71

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

Known Limitations

There are no known limitations for JRR Series in Junos OS Release 19.4R3.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

What's New | 68

What's Changed | 69

Open Issues | 70

Resolved Issues | 71

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

Open Issues

There are no open issues in hardware and software for JRR Series in Junos OS Release 19.4R3.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

What's New | 68

What's Changed | 69

Known Limitations | 70

Resolved Issues | 71

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

Resolved Issues

IN THIS SECTION

Resolved Issues: 19.4R3 | 71

Resolved Issues: 19.4R2 | 71

Resolved Issues: 19.4R1 | 71

Learn which issues were resolved in Junos OS main release and the maintenance releases for JRR Series devices.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.4R3

General Routing

tcp_timer_keep log messages floods continuously on JRR200. PR1533168

•

Resolved Issues: 19.4R2

General Routing

USB install image does not work for JRR200 platform. PR1471986

•

Link state of virtual em interfaces in Junos OS might not reflect the true link status of corresponding

•

physical interfaces in the Linux host. PR1492087

Resolved Issues: 19.4R1

There are no fixed issues in Junos OS Release 19.4R1 for JRR Series.

SEE ALSO

What's New | 68

What's Changed | 69

Known Limitations | 70

Open Issues | 70

Documentation Updates | 72

Migration, Upgrade, and Downgrade Instructions | 73

Documentation Updates

IN THIS SECTION

Feature Guides Are Renamed As User Guides | 72

This section lists the errata and changes in Junos OS Release 19.4R3 documentation for JRR Series.

Feature Guides Are Renamed As User Guides

Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the

•

SEE ALSO

What's New | 68

What's Changed | 69

Known Limitations | 70

Open Issues | 70

Resolved Issues | 71

Migration, Upgrade, and Downgrade Instructions | 73

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Upgrade and Downgrade Support Policy for Junos OS Releases | 73

This section contains the upgrade and downgrade support policy for Junos OS for the JRR Series Route Reflector. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html.

For information about software installation and upgrade, see the Installation and Upgrade Guide and

JRR200 Route Reflector Quick Start.

SEE ALSO

What's New | 68

What's Changed | 69

Known Limitations | 70

Resolved Issues | 71

Open Issues | 70

Documentation Updates | 72

Junos OS Release Notes for Junos Fusion Enterprise

IN THIS SECTION

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Resolved Issues | 77

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

These release notes accompany Junos OS Release 19.4R3 for Junos Fusion Enterprise. Junos Fusion Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes describe new and changed features, limitations, and known problems in the hardware and software.

NOTE: For a complete list of all hardware and software requirements for a Junos Fusion

Enterprise, including which Juniper Networks devices can function as satellite devices, see

Understanding Junos Fusion Enterprise Software and Hardware Requirements.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What’s New

There are no new features or enhancements to existing features in Junos OS Release 19.4R3 for Junos fusion for enterprise.

NOTE: For more information about the Junos fusion for enterprise features, see the Junos Fusion

Enterprise User Guide.

SEE ALSO

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Resolved Issues | 77

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

What’s Changed

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.4R3 for Junos fusion for enterprise.

SEE ALSO

What’s New | 75

Known Limitations | 76

Open Issues | 76

Resolved Issues | 77

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

Known Limitations

There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 19.4R3 for Junos fusion for enterprise.

For the most complete and latest information about known Junos OS problems, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

What’s New | 75

What’s Changed | 75

Open Issues | 76

Resolved Issues | 77

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

Open Issues

IN THIS SECTION

Junos Fusion for Enterprise | 76

Learn about open issues in this release for Junos fusion for enterprise. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion for Enterprise

In a Junos fusion for enterprise environment, when traffic originates from a peer device connected to

•

the aggregation device and the ICL is a LAG, there might be a reachability issue if the cascade port is disabled and traffic has to flow through the ICL LAG to reach the satellite device. As a workaround, use single interface as the ICL instead of a LAG. PR1447873

On a Junos fusion for enterprise system, intermediate traffic drop is sometime seen between the

•

aggregation device and satellite device when sFlow is enabled on the ingress interface. PR1450373

In Junos fusion for enterprise, the dpd process generate a core file on satellite devices running SNOS.

•

PR1460607

SEE ALSO

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

Resolved Issues

IN THIS SECTION

Resolved Issues: Release 19.4R3 | 77

Resolved Issues: Release 19.4R2 | 78

Resolved Issues: Release 19.4R1 | 78

Learn which issues were resolved in Junos OS main release and the maintenance releases for Junos fusion for enterprise.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: Release 19.4R3

There are no resolved issues in Junos OS Release 19.4R3 for Junos fusion for enterprise.

Resolved Issues: Release 19.4R2

The SDPD process generates a core file at vfpc_all_eports_deletion_complete

•

vfpc_dampen_fpc_timer_expiry. PR1454335

Loop detection might not work on extended ports in a Junos fusion scenario. PR1460209

•

The temperature sensor alarm is seen on EX4300 in a Junos fusion scenario. PR1466324

•

Resolved Issues: Release 19.4R1

There are no resolved issues in Junos OS Release 19.4R1 for Junos fusion for enterprise.

SEE ALSO

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Documentation Updates | 78

Migration, Upgrade, and Downgrade Instructions | 79

Documentation Updates

This section lists the errata and changes in Junos OS Release 19.4R3 documentation for Junos fusion for enterprise.

Feature Guides Are Renamed As User Guides

Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the

•

SEE ALSO

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Resolved Issues | 77

Migration, Upgrade, and Downgrade Instructions | 79

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Basic Procedure for Upgrading Junos OS on an Aggregation Device | 79

Upgrading an Aggregation Device with Redundant Routing Engines | 81

Preparing the Switch for Satellite Device Conversion | 82

Converting a Satellite Device to a Standalone Switch | 83

Upgrade and Downgrade Support Policy for Junos OS Releases | 83

Downgrading from Junos OS | 84

This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos fusion for enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours, depending on the size and configuration of the Junos fusion for enterprise topology.

Basic Procedure for Upgrading Junos OS on an Aggregation Device

When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the junos-install package and details of the installation process, see the Installation and Upgrade Guide.

NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration

so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

user@host> request system snapshot

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Installation and Upgrade Guide.

To download and install Junos OS:

1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads/

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.

4. Select the release number (the number of the software version that you want to download) from the Version drop-down list on the right of the page.

5. Select the Software tab.

6. Select the software package for the release.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the routing platform or to your internal software distribution site.

10. Install the new junos-install package on the aggregation device.

NOTE: We recommend that you upgrade all software packages out of band using the console

because in-band connections are lost during the upgrade process.

Customers in the United States and Canada, use the following commands:

user@host> request system software add validate reboot source/package.tgz

All other customers, use the following commands, where n is the spin number.

user@host> request system software add validate reboot source/package-limited.tgz

Replace source with one of the following values:

/pathname—For a software package that is installed from a local directory on the router.

•

For software packages that are downloaded and installed from a remote location:

•

ftp://hostname/pathname

•

http://hostname/pathname

•

scp://hostname/pathname (available only for Canada and U.S. version)

•

The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

Rebooting occurs only if the upgrade is successful.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to minimize disrupting network operations as follows:

1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

There are multiple methods to upgrade or downgrade satellite software in your Junos fusion for enterprise. See Configuring or Expanding a Junos Fusion Enterprise.

For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise

Software and Hardware Requirements.

Use the following command to install Junos OS on a switch before converting it into a satellite device:

user@host> request system software add validate reboot source/package-name

NOTE: The following conditions must be met before a Junos switch that is running Junos OS

Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:

The switch running Junos OS can be converted only to SNOS 3.1 and later.

•

Either the switch must be set to factory-default configuration by using the request system

•

zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.

When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:

1. Log in to the device using the console port.

2. Clear the device:

[edit] user@satellite-device# request system zeroize

NOTE: The device reboots to complete the procedure for resetting the device.

If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.

If you lose connection to the device, log in using the console port.

3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3

This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos

Fusion Enterprise for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Switch

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove it from the Junos fusion topology. For more information, see

Converting a Satellite Device to a Standalone Device.

Upgrade and Downgrade Support Policy for Junos OS Releases

17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from

Junos OS Release 17.1 to Release 17.3.

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html

Downgrading from Junos OS

Junos fusion for enterprise is first supported in Junos OS Release 16.1, although you can downgrade a standalone EX9200 switch to earlier Junos OS releases.

NOTE: You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

To downgrade a Junos fusion for enterprise, follow the procedure for upgrading, but replace the junos-install package with one that corresponds to the appropriate release.

SEE ALSO

What’s New | 75

What’s Changed | 75

Known Limitations | 76

Open Issues | 76

Resolved Issues | 77

Documentation Updates | 78

Junos OS Release Notes for Junos Fusion Provider Edge

IN THIS SECTION

What's New | 85

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

These release notes accompany Junos OS Release 19.4R3 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos OS Release 19.4R3.

SEE ALSO

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

What's Changed

There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and commands in Junos OS Release 19.4R3 for Junos fusion for provider edge.

SEE ALSO

What's New | 85

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

Known Limitations

There are no known limitations for Junos Fusion Provider Edge in Junos OS Release 19.4R3.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

What's New | 85

What's Changed | 86

Open Issues | 87

Resolved Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

Open Issues

There are no open issues in the Junos OS Release 19.4R3 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

What's New | 85

What's Changed | 86

Known Limitations | 86

Resolved Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

Resolved Issues

IN THIS SECTION

Resolved Issues: 19.4R3 Release | 88

Resolved Issues: 19.4R2 Release | 88

Resolved Issues: 19.4R1 Release | 88

Learn which issues were resolved in Junos OS main release and the maintenance releases for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.4R3 Release

Junos Fusion Provider Edge

The statistics of extended ports on the satellite device cluster might show incorrect values from the

•

aggregation device. PR1490101

Resolved Issues: 19.4R2 Release

Junos Fusion for Provider Edge

The sdpd process might continuously crash if there are more than 12 cascade-ports configured to a

•

satellite device. PR1437387

The aggregated Ethernet interface might flap whenever a new logical interface is added. PR1441869

•

Resolved Issues: 19.4R1 Release

There are no fixed issues in the Junos OS Release 19.4R1 for Junos Fusion Provider Edge.

SEE ALSO

What's New | 85

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Documentation Updates | 88

Migration, Upgrade, and Downgrade Instructions | 89

Documentation Updates

IN THIS SECTION

Feature Guides Are Renamed As User Guides | 89

This section lists the errata and changes in Junos OS Release 19.4R3 for Junos Fusion Provider Edge.

Feature Guides Are Renamed As User Guides

Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the

•

SEE ALSO

What's New | 85

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Migration, Upgrade, and Downgrade Instructions | 89

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Basic Procedure for Upgrading an Aggregation Device | 90

Upgrading an Aggregation Device with Redundant Routing Engines | 92

Preparing the Switch for Satellite Device Conversion | 93

Converting a Satellite Device to a Standalone Device | 94

Upgrading an Aggregation Device | 96

Upgrade and Downgrade Support Policy for Junos OS Releases | 97

Downgrading from Junos OS Release 19.4 | 97

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos fusion for provider edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and

Upgrade Guide.

NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration

so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

user@host> request system snapshot

The download and installation process for Junos OS Release 19.4R2 is different from that for earlier Junos OS releases.

1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads/

2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.

4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the page.

5. Select the Software tab.

6. Select the software package for the release.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the routing platform or to your internal software distribution site.

10. Install the new jinstall package on the aggregation device.

NOTE: We recommend that you upgrade all software packages out-of-band using the console,

because in-band connections are lost during the upgrade process.

Customers in the United States and Canada, use the following commands.

For 64-bit software:

•

NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos

Fusion Provider Edge.

user@host> request system software add validate reboot

source/jinstall64-19.4R2.SPIN-domestic-signed.tgz

For 32-bit software:

•

user@host> request system software add validate reboot

source/jinstall-19.4R2.SPIN-domestic-signed.tgz

All other customers, use the following commands.

For 64-bit software:

•

NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos

Fusion Provider Edge.

user@host> request system software add validate reboot

source/jinstall64-19.4R2.SPIN-export-signed.tgz

For 32-bit software:

•

user@host> request system software add validate reboot

source/jinstall-19.4R2.SPIN-export-signed.tgz

Replace source with one of the following values:

/pathname—For a software package that is installed from a local directory on the router.

•

For software packages that are downloaded and installed from a remote location:

•

ftp://hostname/pathname

•

http://hostname/pathname

•

scp://hostname/pathname (available only for the Canada and U.S. version)

•

The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.

Rebooting occurs only if the upgrade is successful.

NOTE: After you install a Junos OS Release 19.4R2 jinstall package, you cannot return to the

previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:

1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see

Understanding Junos Fusion Software and Hardware Requirements

NOTE: The following conditions must be met before a standalone switch that is running Junos

OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:

The switch can be converted to only SNOS 3.1 and later.

•

Either the switch must be set to factory-default configuration by using the request system

•

zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.

Customers with EX4300 switches, use the following command:

user@host> request system software add validate reboot

source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz

Customers with QFX5100 switches, use the following command:

user@host> request system software add reboot

source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz

When the interim installation has completed and the switch is running a version of Junos OS on one line that is compatible with satellite device conversion, perform the following steps:

1. Log in to the device by using the console port.

2. Clear the device:

[edit] user@satellite-device# request system zeroize

NOTE: The device reboots to complete the procedure for resetting the device.

If you are not logged in to the device by using the console port connection, your connection to the device is lost after you enter the request system zeroize command.

If you lose your connection to the device, log in using the console port.

3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider

Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.

NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos

OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.

The following steps explain how to download software, remove the satellite device from Junos fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.

1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads

2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.

4. Select the Junos OS Release 14.1X53-D30 software image for your platform.

5. Review and accept the End User License Agreement.

6. Download the software to a local host.

7. Copy the software to the routing platform or to your internal software distribution site.

8. Remove the satellite device from the automatic satellite conversion configuration.

If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID.

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite member-number

For example, to remove member number 101 from Junos Fusion:

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite 101

You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.

9. Commit the configuration.

To commit the configuration to both Routing Engines:

[edit] user@aggregation-device# commit synchronize

Otherwise, commit the configuration to a single Routing Engine:

[edit] user@aggregation-device# commit

10. Install the Junos OS software on the satellite device to convert the device to a standalone device.

[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot

member-number

For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101

For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101

The satellite device stops participating in the Junos Fusion topology after the software installation starts. The software upgrade starts after this command is entered.

11. Wait for the reboot that accompanies the software installation to complete.

12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.

NOTE: The device uses a factory-default configuration after the Junos OS installation is

complete.

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 19.4R2, you must also upgrade your satellite device to Satellite Device Software version 3.1R1.

Upgrade and Downgrade Support Policy for Junos OS Releases

17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from

Junos OS Release 17.1 to Release 17.3.

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html.

Downgrading from Junos OS Release 19.4

To downgrade from Release 19.4 to another supported release, follow the procedure for upgrading, but replace the 19.4 jinstall package with one that corresponds to the appropriate release.

NOTE: You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

SEE ALSO

What's New | 85

What's Changed | 86

Known Limitations | 86

Open Issues | 87

Resolved Issues | 87

Documentation Updates | 88

Junos OS Release Notes for MX Series 5G Universal Routing Platform

IN THIS SECTION

What's New | 98

What's Changed | 121

Known Limitations | 129

Open Issues | 132

Resolved Issues | 148

Documentation Updates | 191

Migration, Upgrade, and Downgrade Instructions | 192

These release notes accompany Junos OS Release 19.4R3 for the MX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION

What’s New in 19.4R3 Release | 99

What’s New in 19.4R2 Release | 99

What’s New in 19.4R1 Release | 101

Learn about new features introduced in the Junos OS main release and the maintenance releases for MX Series routers.

What’s New in 19.4R3 Release

There are no new features or enhancements to existing features for MX Series Junos OS Release 19.4R3.

What’s New in 19.4R2 Release

Hardware

NOTE: The MX2K-MPC11E line card is not supported in any Junos OS 19.4 releases. It is

supported in Junos OS 19.3R2 and later 19.3 releases and in Junos OS 20.1R1 and later Junos OS releases.

EVPN

EVPN on MPLS-over-UDP tunnels (MX series and vMX)—In Junos OS Release 19.4R2, Junos OS supports

•

an EVPN network in MPLS-over-UDP tunnels. EVPN uses indirect next hop while MPLS-over-UDP tunnels use tunnel composite next hop (TCNH) in resolving routes in the routing table. Prior to this release, indirect next hops for EVPN traffic on MPLS-over-UDP tunnels resolve into unicast next hops. With this release, the indirect next hops for EVPN traffic on MPLS-over-UDP tunnels will resolve into TCNH.

[See EVPN Overview and Example: Configuring Next-Hop-Based MPLS-Over-UDP Dynamic Tunnels.]

Interfaces and Chassis

Transparent forwarding of CFM packets over VPLS (MX Series)—In Junos OS Release 19.4R2, an MX

•

Series router continues to forward CFM packets over a VPLS even if the packets contain more VLAN tags than the number configured on an interface. In earlier releases of Junos OS, irrespective of the number of tags in a packet, the router forwards or drops the packet based on the interface configuration. In those releases, all CFM messages are parsed at the provider edge. But as a result of this feature support, only those CFM packets are parsed for which the number of VLAN tags matches the number configured on the provider edge interface.

100

NOTE: We do not support transparent forwarding on untagged and triple-tagged CFM packets.

[See Example: Configuring Ethernet CFM over VPLS.]

MPLS

Delegate segment routing LSPs to a PCE (MX Series)—Starting in Junos OS Release 19.4R2, you can

•

enable a Path Computation Client (PCC, ingress MX Series router) to delegate locally configured IPv4 non-colored segment routing LSPs to a Path Computation Element (PCE) controller. The PCE controls the delegated LSPs and can modify LSP attributes for traffic steering. A PCC with delegation capability can take back control of the delegated segment routing LSPs from the PCE when the PCEP session goes down; the LSPs would otherwise be deleted from the PCC. You can thus ensure LSP data protection by averting a situation where packets are silently discarded or dropped (also known as a traffic black-hole condition).

[See Example: Configuring Path Computation Element Protocol for SR-TE LSPs.]

Junos OS Release 19.4R3 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Introduction

Junos OS Release Notes for ACX Series

What's New

What's New in Release 19.4R3

What’s Changed in 19.4R2-S2

General Routing

What's New in Release 19.4R2

Dynamic Host Configuration Protocol (DHCP)

EVPN

What's New in Release 19.4R1

EVPN

General Routing

Junos OS XML API and Scripting

MPLS

Routing Protocols

System Logging

Software Defined Networking (SDN)

What's Changed

What’s Changed in 19.4R3

Routing Protocols

What’s Changed in 19.4R2

What’s Changed in 19.4R1

General Routing

Routing Protocols

Known Limitations

General Routing

Open Issues

General Routing

Platform and Infrastructure

Virtual Chassis

Resolved Issues

Resolved Issues: 19.4R3

General Routing

Interfaces and Chassis

Routing Protocols

VPNs

Resolved Issues: 19.4R2

General Routing

Interfaces and Chassis

Layer 2 Ethernet Services

MPLS

Resolved Issues: 19.4R1

General Routing

Layer 2 Ethernet Services

Platform and Infrastructure

Routing Protocols

Documentation Updates

Feature Guides Are Renamed As User Guides

Migration, Upgrade, and Downgrade Instructions

Upgrade and Downgrade Support Policy for Junos OS Releases

Junos OS Release Notes for cRPD

What’s New

What's Changed

Known Limitations

Open Issues

Resolved Issues

Junos OS Release Notes for EX Series Switches

What's New

What's New in 19.4R3

What's New in 19.4R2

What's New in 19.4R1

Authentication, Authorization, and Accounting

Class of Service

EVPN

Junos OS XML, API, and Scripting

Junos Telemetry Interface

Layer 2 Features

MPLS

Multicast

Operation, Administration, and Maintenance (OAM)

Port Security

Routing Policy and Firewall Filters

System Logging

System Management

User Interface and Configuration