Junos OS Release Notes for Junos Fusion Provider Edge

 

These release notes accompany Junos OS Release 17.4R2 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

This section describes the new features and enhancements to existing features in Junos OS Release 17.4R2 for Junos Fusion Provider Edge.

Release 17.4R2 New and Changed Features

There are no new features in Junos OS Release 17.4R2 for Junos Fusion Provider Edge.

Release 17.4R1 New and Changed Features

Hardware

  • Support for MX204 routers (Junos Fusion Provider Edge)—Starting in Junos OS Release 17.4R1, you can configure MX204 Universal Routing Platforms as aggregation devices in a Junos Fusion Provider Edge topology. Junos Fusion Provider Edge brings the Junos Fusion technology to the service provider edge. In a Junos Fusion Provider Edge, MX Series routers act as aggregation devices, while EX4300, QFX5100, QFX5110, or QFX5200 switches act as satellite devices.

    [See Understanding Junos Fusion Provider Edge Components.]

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 17.4R2 for Junos Fusion Fabrics.

Security

  • Support for logging the SSH key changes—Starting with Junos OS Release 17.4R1, the configuration statement log-key-changes is introduced at the [edit system services ssh ] hierarchy level. When log-key-changes is enabled and committed (with the commit command in configuration mode), Junos OS logs the changes to the set of authorized SSH keys for each user (including the keys that were added or removed). Junos OS logs the differences since the last time log-key-changes was enabled. If the log-key-changes was never enabled, then Junos OS logs all the authorized SSH keys.

Known Behavior

This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 17.4R2 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Provider Edge

  • An L2 filter with multiple terms containing mixed L2 and L3/L4 match conditions do not get programmed a QFX10000 switch as an aggregation device. This is due to an ASIC limitation. PR1286708

  • The FPCs are not online after an image upgrade due to lack of space in the /var/tmp directory. PR1296082

  • The no-mac-learning and interface-mac-limit statements are not supported on extended ports or LAGs of extended ports. PR1296731

  • The CLI interface-set command in the firewall filter match condition is not supported on a QFX10000 switch as an aggregation device. PR1298633

  • The policy route action is not supported on interfaces with a vxlan-vni configuration along with routing instances. PR1298683

  • The next-ip action for the firewall filters is not supported with an EVPN-VXLAN VNI configuration. PR1298688

  • Configuration synchronization is not triggered when you issue the rollback command on the local aggregation device (AD). PR1298747

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 17.4R2 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Provider Edge

  • The license installed will not be deleted, unless it is explicitly deleted using the request command. After disabling the cascade port, the license count will be marked as zero only after the satellite information is purged from the neighbor database. Previously this satellite neighbor information persisted for only 8 minutes; now neighbor information is being held for 8 hours. This time delay is introduced to avoid repeating the initial recognition of the satellite device for interface-down events. user@host> show configuration | display set | grep et-0/0/30 set groups user-host-grp interfaces et-0/0/30 cascade-port set chassis satellite-management fpc 101 cascade-ports et-0/0/30 set interfaces et-0/0/30 disable {master:0} user@host> show chassis satellite terse Device Extended Ports Slot State Model Total/Up Version 100 Online EX4300-48T 50/1 17.4-20170726_common_xxx.0 102 Online QFX5200-32C-32Q 2/1 17.4-20170726_common_xxx.0 103 Online QFX5110-48S-4C 3/2 17.4-20170726_common_xxx.0 {master:0} user@host> show chassis satellite neighbor Interface State Port Info System Name Model SW Version et-0/0/30 Dn et-0/0/18 Two-Way et-0/0/18 sd102 QFX5200-32C-32Q 17.4-20170726_common_xxx.0 et-0/0/12 Two-Way et-0/0/50 sd103 QFX5110-48S-4C 17.4-20170726_common_xxx.0 et-0/0/6 Two-Way et-0/1/3 sd100 EX4300-48T 17.4-20170726_common_xxx.0 {master:0} user@host> show system license License usage: Licenses Licenses Licenses Expiry Feature name used installed needed bgp 1 0 1 invalid SD-QFX5100-48SH-48TH 0 4 0 permanent Licenses installed: License identifier: JUNOSxxxxxx License version: 4 Software Serial Number: 99999B99999999 Customer ID: USER-SWITCH Features: SD-QFX5100-48SH-48TH-4PK - SD 4 pack QFX5000-10-JFD permanent {master:0} user@host> show system license usage Licenses Licenses Licenses Expiry Feature name used installed needed bgp 1 0 1 invalid SD-QFX5100-48SH-48TH 0 4 0 permanent {master:0} user@host> show system alarms 4 alarms currently active Alarm time Class Description 2017-08-29 13:14:27 UTC Minor BGP Routing Protocol usage requires a license 2017-08-28 17:25:27 UTC Major FPC0: PEM 1 Not Powered 2017-08-28 17:25:27 UTC Major FPC Management1 Ethernet Link DownPR1294951

  • Configuration synchronization is not triggered when you issue the rollback command on the local aggregation device (AD). PR1298747

  • When changing fpc slot-id, always delete the old configuration, commit, and then apply the new configuration. Otherwise, sdpd and mib2d might generate core files. Example: (1) Delete chassis satellite-management fpc 101 cascade-ports et-0/0/11 (2) commit (3) Set chassis satellite-management fpc 102 cascade-ports et-0/0/11 (4) commit. PR1309080

Resolved Issues

This section lists the issues fixed in the Junos OS main release and the maintenance releases.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 17.4R2

Junos Fusion Provider Edge

  • The show interfaces diagnostics optics satellite command does not display any outputs. PR1327876

  • High IGMP leave latency with IGMP snooping in an EVPN. PR1327980

  • SSH key-based authentication fails after a reboot if chassis satellite-management is configured. PR1344392

Resolved Issues: 17.4R1

Junos Fusion Provider Edge

  • Chassis alarms are not generated after the uplinks are made down from the satellite device. PR1275480

Documentation Updates

There are no errata or changes in Junos OS Release 17.4R2 for Junos Fusion Provider Edge documentation.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide.

Note

Before upgrading, back up the file system and the currently active Junos OS configuration so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.

The download and installation process for Junos OS Release 17.4R2 is different that for earlier Junos OS releases.

  1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
  4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the page.
  5. Select the Software tab.
  6. Select the software package for the release.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the aggregation device.Note

    We recommend that you upgrade all software packages out of band using the console, because in-band connections are lost during the upgrade process.

    Note

    We highly recommend that you select 64-bit Junos OS software when implementing Junos Fusion Provider Edge.

    For upgrades from Junos OS Release 14.2 and earlier:

    user@host> request system software add no-validate reboot source/package-name

    All other upgrades:

    user@host> request system software add validate reboot source/package-name

    Replace source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname (available only for the Canada and U.S. version)

    The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

After you install a Junos OS Release 17.4R2 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see Understanding Junos Fusion Software and Hardware Requirements

Note

The following conditions must be met before a standalone switch that is running Junos OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:

  • The switch can only be converted to SNOS 3.1 and higher.

  • The switch can be converted to a satellite device if it is in factory-default or it has the set chassis auto-satellite-conversion statement in its configuration.

Customers with EX4300 switches, use the following command:

user@host> request system software add validate reboot source/jinstall-ex-4300-14.1X53-D43.7-domestic-signed.tgz

Customers with QFX5100 switches, use the following command:

user@host> request system software add reboot source/jinstall-qfx-5-14.1X53-D43.7-domestic-signed.tgz

When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:

  1. Log in to the device using the console port.
  2. Clear the device:
    [edit]

    user@satellite-device# request system zeroize
    Note

    The device reboots to complete the procedure for resetting the device.

    If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.

    If you lose your connection to the device, log in using the console port.

  3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
    user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

    For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

    user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0

    user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1

    user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2

    user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3

    This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

In the event that you need to convert a satellite device to a standalone device, you will need to install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.

Note

If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.7-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.

The following steps explain how to download software, remove the satellite device from Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.

  1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads

  2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.
  4. Select the Junos OS Release 14.1X53-D43 software image for your platform.
  5. Review and accept the End User License Agreement.
  6. Download the software to a local host.
  7. Copy the software to the routing platform or to your internal software distribution site.
  8. Remove the satellite device from the automatic satellite conversion configuration.

    If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID.

    [edit]
    user@aggregation-device# delete chassis satellite-management auto-satellite-conversion satellite member-number

    For example, to remove member number 101 from Junos Fusion:

    [edit]
    user@aggregation-device# delete chassis satellite-management auto-satellite-conversion satellite 101

    You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.

  9. Commit the configuration.

    To commit the configuration to both Routing Engines:

    [edit]
    user@aggregation-device# commit synchronize

    Otherwise, commit the configuration to a single Routing Engine:

    [edit]
    user@aggregation-device# commit
  10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
    [edit]
    user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot member-number

    For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:

    [edit]
    user@aggregation-device> request chassis satellite install /var/tmp/install-media-pxe-qfx-5-14.1X53-D43.7-signed.tgz fpc-slot 101

    For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:

    [edit]
    user@aggregation-device> request chassis satellite install /var/tmp/jinstall-ex-4300-14.1X53-D43.7domestic-signed.tgz fpc-slot 101

    The satellite device stops participating in the Junos Fusion topology once the software installation starts. The software upgrade starts after this command is entered.

  11. Wait for the reboot that accompanies the software installation to complete.
  12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Removing a Transceiver, as needed. Your device has been removed from Junos Fusion. Note

    The device uses a factory-default configuration after the Junos OS installation is complete.

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 17.4R2, you must also upgrade your satellite device to Satellite Device Software version 3.1R1.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Downgrading from Release 17.4

To downgrade from Release 17.4 to another supported release, follow the procedure for upgrading, but replace the 17.4 jinstall package with one that corresponds to the appropriate release.

Note

You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

Product Compatibility

Hardware Compatibility

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.

To determine the features supported on MX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. See the Feature Explorer.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.