Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

New Features in Junos OS Release 12.3X50-D30 for the QFX Series

Interfaces

  • 64th port available (QFX3500 switches)—Enables you to configure port xe-0/1/0 (on QSFP+ port Q0), which was previously unavailable. To make this port available for use, issue the request chassis port-mode extended statement at the root level. To disable this port, issue the request chassis port-mode standard statement. After enabling or disabling port xe-0/1/0, commit the configuration and reboot the system to make the change take effect.

Network Management and Monitoring

  • Support of sFlow monitoring technology over management interfaces (QFX3500 and QFX3600 switches)—Extends the support of sFlow monitoring technology on QFX3500 and QFX3600 standalone switches to enable configuration of sFlow collectors on management interfaces. You use sFlow technology to monitor traffic continuously at wire speed on all interfaces simultaneously. An sFlow monitoring system consists of an sFlow agent embedded in the switch and up to four external collectors. The sFlow agent performs packet sampling and gathers interface statistics, and combines the information into UDP datagrams that are sent to the sFlow collectors. An sFlow collector may be connected to the switch through the management network or data network. The software forwarding process on the switch looks up the next-hop address for the specified collector IP address to determine whether the collector is reachable by way of the management network or data network. To configure the sFlow collector IP address, issue the collector ip-address ip-address statement at the [edit protocols sflow] hierarchy level.

System Management

  • Zero Touch Provisioning (QFX3500 and QFX3600 standalone switches)—Zero Touch Provisioning allows you to provision new Juniper Networks switches in your network automatically without manual intervention. When you physically connect a switch to the network and boot it with a default configuration, it attempts to upgrade the Junos OS software automatically and autoinstall a configuration file from the network. The switch uses information that you configure on a Dynamic Host Configuration Protocol (DHCP) server to locate the necessary software image and configuration files on the network.

    With Junos OS Release 12.3X50-D30, the switch populates the Vendor Class Identifier (DHCP Option 60) field in the DHCP Discover packet that it sends out with information that identifies the switch model—for example, Juniper-qfx3500s. (This is the same information that is displayed when you execute the show version command.)

Security

  • Unicast reverse path forwarding (QFX3500 and QFX3600 standalone switches)—Protects the switch against denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks by comparing the source address of a received unicast packet against the switch’s routing table to see if the source address is valid or spoofed (faked). Reverse path forwarding (RPF) works in two modes:
    • Strict mode: In this mode, the switch checks to see if a packet is received on the interface that the switch would use if it were sending a packet to the incoming packet’s source address. If the packet fails this test, the switch discards it.
    • Loose mode: In this mode, the switch checks to see if the incoming packet’s source address is in the switch’s routing table, but the switch does not verify whether it would use the ingress interface to send a packet to the incoming packet’s source address. If the source address is in the routing table, the switch accepts the packet and forwards it as required.

    To configure unicast reverse path forwarding, issue the rpf-check statement at the [edit interfaces unit family] hierarchy level.

Traffic Management

  • Burst-size control (QFX3500 and QFX3600 standalone switches)—Provides fine-tuned control of the burst size (data volume) a switch port can forward for a priority group (the members of a forwarding class set) or for a particular output queue. When you include the shaping-rate configuration statement in the [edit class-of-service traffic-control-profiles] hierarchy for priority groups or in the [edit class-of-service schedulers] hierarchy for output queues, you can specify the burst size that you want to allow by including the new burst-size option.

    The switch uses the leaky bucket algorithm for rate shaping. By default, the switch assigns a relatively large burst size that provides a large tolerance for bursts of traffic so that the port can continue to send at full rate. This burst tolerance might permit a priority group or a queue to transmit at a rate over the maximum bandwidth (shaping rate) specified in the traffic control profile or scheduler for a significant period of time (up to several seconds in some cases).

    If this is not the desired burst behavior or if the shaping rate needs to be more strictly enforced, use the burst-size option to limit the bursts. You can configure the burst-size option in units of bytes, kilobytes, or megabytes. You can configure a burst size in the range of 1 through 134184960 bytes (approximately 131040 KB or 128 MB).

    Use the following formula to calculate the minimum burst value in bytes to maintain a particular shaping rate in bits per second (bps):

    [(shaping rate) / (256000 * 8)] = (minimum burst size value)

    For example, if you have a shaping rate of 4 Gbps, the equation is:

    4294967296 / 2048000 = 2097 bytes

    If you configure a higher burst-size value than the result of the equation, that allows output traffic bursts above the configured shaping rate when there are input bursts. If this happens and is not desired, reduce the burst size to limit the output traffic bursts. If you configure a burst size that is too small for the configured shaping rate, the switch automatically increases the burst size to the minimum value required to support the shaping rate.

Related Documentation

Modified: 2015-04-10