Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Junos OS Release Notes for NFX Series

 

These release notes accompany Junos OS Release 18.1R3 for the NFX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os

New and Changed Features

This section describes the new features or enhancements to existing features in Junos OS Release 18.1R3 for NFX Series devices.

Release 18.1R3 New and Changed Features

There are no new features or enhancements to existing features for NFX Series in Junos OS Release 18.1R3.

Release 18.1R2 New and Changed Features

There are no new features or enhancements to existing features for NFX Series in Junos OS Release 18.1R2.

Release 18.1R1 New and Changed Features

Hardware

  • NFX150 platform—Starting with Junos OS Release 18.1R1, the NFX150 Network Services Platform is available as a single platform that integrates routing, switching, and security functions. The NFX150 is a secure, automated, software-driven customer premises equipment (CPE) platform that delivers virtualized network and security services on demand. It is suited for small to medium-sized enterprises and acts as a secure router, SD-WAN CPE, or uCPE. The architecture of the NFX150 platform enables unified management of all its components through the Junos Control Plane (JCP). It also offers effective management of the system resources and reduced system boot time.

    The NFX150 portfolio is available in the following variants:

    • NFX150-S1—Rack-mount model with 2.2-GHz 8-core Intel CPU, 200-GB SSD, 16-GB RAM, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports.

    • NFX150-S1E—Rack-mount model with 2.2-GHz 8-core Intel CPU, 200-GB SSD, 32-GB RAM, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports.

      NFX150-S1 and NFX150-S1E support the following expansion modules:

      • NFX-EM-6T2SFP—Expansion module with six 1-Gigabit Ethernet RJ-45 ports and two 1-Gigabit Ethernet SFP ports

      • NFX-LTE-AE—Expansion module with an LTE modem supporting the frequency bands in Europe and North America.

      • NFX-LTE-AA—Expansion module with an LTE modem supporting the frequency bands in Asia and Australia.

    • NFX150-C-S1—Compact desktop model with 2.2-GHz 4-core Intel CPU, 8-GB RAM, 100-GB SSD, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports.

    • NFX150-C-S1-AE—Compact desktop model with 2.2-GHz 4-core Intel CPU, 8-GB RAM, 100-GB SSD, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports. This device provides integrated LTE modem for Europe and North America.

    • NFX150-C-S1-AA—Compact desktop model with 2.2-GHz 4-core Intel CPU, 8-GB RAM, 100-GB SSD, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports. This device provides integrated LTE modem for Asia, Australia, and New Zealand.

    • NFX150-C-S1E-AE—Compact desktop model with 2.2-GHz 4-core Intel CPU, 16-GB RAM, 100-GB SSD, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports. This device provides integrated LTE modem for Europe and North America.

    • NFX150-C-S1E-AA—Compact desktop model with 2.2-GHz 4-core Intel CPU, 16 GB RAM, 100 GB SSD, four 10/100/1000BASE-T RJ-45 LAN ports, and two 1-Gigabit Ethernet/10-Gigabit Ethernet SFP+ WAN ports. This device provides integrated LTE modem for Asia, Australia, and New Zealand.

  • Transceivers –NFX150 supports the following optics:

    • 10-gigabit SFP+ transceivers: EX-SFP-10GE-USR, EX-SFP-10GE-SR, EX-SFP-10GE-LR, EX-SFP-10GE-ER, EX-SFP-10GE-DAC-1M, EX-SFP-10GE-DAC-3M, EX-SFP-10GE-DAC-5M, EX-SFP-10GE-DAC-7M

    • 1-gigabit SFP transceivers: EX-SFP-1GE-SX, EX-SFP-1GE-SX-ET, EX-SFP-1GE-LX, EX-SFP-1GE-LH, EX-SFP-1GE-LX40K, EX-SFP-GE80KCW1470, EX-SFP-GE80KCW1490, EX-SFP-GE80KCW1510, EX-SFP-GE80KCW1530, EX-SFP-GE80KCW1550, EX-SFP-GE80KCW1570, EX-SFP-GE80KCW1590, EX-SFP-GE80KCW1610

    Note

    USR and ER optics are displayed as SFP+-10G-ER in the show system inventory hardware optics command output.

    Amphenol DAC 1M and 3M cables are displayed as unknown in the show system inventory hardware optics command output.

[See NFX150 Network Services Platform Hardware Guide.]

Service Chaining

  • VNF service chaining—Starting with Junos OS Release 18.1R1, the NFX150 device supports deploying and service chaining of multiple, secure, high-performance virtualized network functions (VNFs) as a single device. The Junos Control Plane (JCP) runs on the Junos VM and functions as the single point of management for the chassis and VNFs.

    [See Service Chaining on NFX Devices.]

Security

  • Secure Boot—Starting with Junos OS Release 18.1R1, the NFX150 devices support secure boot implementation, which is based on the UEFI 2.4 standard. The BIOS has been hardened and serves as a core root of trust. The BIOS updates, bootloader, and kernel are cryptographically protected. No action is required to implement secure boot.

    [See Feature Explorer and enter Secure Boot.]

Layer 2 Features and Protocols

  • Layer 2 features—Starting with Junos OS Release 18.1R1, the NFX150 supports Layer 2 features such as VLANs, IGMP snooping, MLDv1 snooping, MLDv2 snooping, port mirroring, port security, and the Link Layer Discovery Protocol (LLDP).

    [See Services and Ethernet Switching.]

Layer 3 Features and Protocols

  • Layer 3 features—Starting with Junos OS Release 18.1R1, the NFX150 supports Layer 3 features such as IP Security (IPsec), firewall filters, port mirroring, BFD, and class of service (CoS). It also supports Layer 3 protocols such as BGP, RIP, OSPFv1, OSPFv2, and IS-IS.

    [See IPsec and Security.]

Fault Management

  • OAM link fault management and connectivity fault management—Starting with Junos OS Release 18.1R1, NFX150 devices support configuration of IEEE 802.3ah OAM LFM on point-to-point Ethernet links that are connected either directly or through Ethernet repeaters. The IEEE 802.3ah standard meets the requirement for OAM capabilities even as Ethernet moves from being solely an enterprise technology to a WAN and access technology, and the standard remains backward-compatible with existing Ethernet technology.

    The IEEE 802.1ag specification provides for Ethernet connectivity fault management (CFM). CFM monitors Ethernet networks that might comprise one or more service instances for network-compromising connectivity faults.

    [See Fault Management.]

Network Service Orchestrator

  • Network Service Orchestrator—Starting with Junos OS Release 18.1R1, NFX150 devices support Network Service Orchestrator, which is a client included in the base software of the NFX150 device, and connects to the Network Activator deployed on a cloud or server. The Network Activator application intelligently automates service life cycle management of managed VPN networks, in-region secured Internet connections, and out-of-region IPsec connections on NFX150 devices. This application enables the booting and configuration of the NFX150 device when it is first powered on.

    [See Network Activator Overview.]

Wireless WAN

  • Wireless WAN— Starting with Junos OS Release 18.1R1, the following NFX150 device models provide wireless WAN support through the LTE module:

    • NFX150-S1

    • NFX150-S1E

    • NFX150-C-S1-AE

    • NFX150-C-S1-AA

    • NFX150-C-S1E-AE

    • NFX150-C-S1E-AA

[See NFX150 Network Services Platform Hardware Guide.]

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 18.1R3 for the NFX Series.

CLI

  • Starting with Junos OS Release 18.1R1, the host-os hierarchy level is replaced with the vmhost hierarchy level for NFX150 devices.

Known Behavior

This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.1R3 for the NFX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Known Behavior: 18.1R3

  • The file transfer rate from an external media over the network to an NFX150 device is around 40–50 Mbps.

    PR1290263

  • On NFX150 devices running Junos OS Release 18.1, service chaining can be achieved through front panel ports by using SR-IOV. For the switching to work through SR-IOV enabled front panel port, the physical NIC port must be up and operational.

    PR1319294

  • On NFX150 devices running Junos OS Release 18.1, you cannot use the request system software scripts command to add script packages on the Junos OS.

    PR1333061

  • On NFX150 devices running Junos OS Release 18.1, traffic shaping on tunnel interfaces such as IP-IP and GRE is not supported.

    PR1335582

  • On NFX150 devices running Junos OS Release 18.1, Transcend does not support Linux based SSD firmware upgrade mechanism in field for its SSD. Hence, field upgrade of Transcend SSD firmware cannot be provided for NFX150 devices.

    PR1347562

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 18.1R3 for the NFX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Known Issues: 18.1R3

  • On NFX150 devices, you cannot generate an ISO configuration image. PR1316900

  • On NFX150 devices, connectivity fault management (CFM) is not supported on circuit cross-connect (CCC) interfaces. PR1311588

  • There is no commit check if the PCI address is reused for different interfaces in a VNF. As a workaround, we recommend that you stop the VNF and then add or delete interfaces. PR1205497

  • The show chassis routing-engine command displays the last reboot reason as power cycle/failure even for a normal system reboot. In addition, the logs record an abnormal shutdown message.PR1232501

  • Configuring more than the available number of virtual functions for an SR-IOV front panel port, might result in a state where the user MAC addresses for such interfaces are not released back to the System MAC Pool on deletion of the VNF. PR1259975

  • On NFX150 devices with LTE support running Junos OS Release 18.1, the show system visibility cpu command does not display CPU pinning information for LTE. There is no known workaround. PR1347609

  • While changing port mapping configuration across FPC0 and FPC1 on NFX150 devices with expansion module, forwarding path simulation process for FPC0 may crash when FPC0 restarts for port mapping configuration to take effect. This results in an additional reboot of FPC0. After the reboot, FPC0 recovers automatically and appears online. PR1347259

  • LTE functions as a kernel driver for modem packet handling and should not be treated as a customized VNF. The request command does not provide console support. PR1348196

  • On NFX150 devices running Junos OS Release 18.1, manually loading the factory-default configuration on the device might not set up the necessary configurations for Remote Activation to work. As a workaround, before loading the factory default configuration on the device, ensure that the configuration for phone-home is deleted and committed. PR1347308

  • On NFX150 devices running Junos OS Release 18.1, Dev key revocation is not supported by BIOS. Dev key revocation is to prevent customers from installing Dev signed image by mistake on their setup. PR1344738

  • On NFX150 devices running Junos OS Release 18.1, enabling hugepages for VNFs and pre-reserving of hugepages are not supported. Hence, the following commands are not supported:

    • set system memory hugepages

    • set virtual-network-functions vnf-name memory features hugepages

      PR1360998

  • On NFX150 devices running Junos OS Release 18.1, traffic statistics for 10-Gigabit Ethernet host interfaces are not displayed correctly. PR1348720

  • On NFX150 devices running Junos OS Release 18.1, syslog messages do not display xauth client authentication information such as assigned IP address and DNS.

    PR1305078

  • On NFX150 devices running Junos OS Release 18.1, FTP displays an error message, ftpd[14105]: bl_init: connect failed for `/var/run/blacklistd.sock' (No such file or directory.

    PR1315605

  • On NFX150 devices running Junos OS Release 18.1, CLI output for the show security ipsec inactive-tunnels command is incomplete.

    PR1325763

  • On NFX150 devices running Junos OS Release 18.1, error messages are seen while rebooting the FPC0 interface.

    PR1326487

  • On NFX150 devices running Junos OS Release 18.1, commit is successful with any message on the console while creating a VNF using CLI. However, VNF may not be created due to some errors. Syslog will show error messages with reasons for not creating the VNF.

    PR1333057

  • On NFX150 devices running Junos OS Release 18.1, file put operation by a user with no super-user permissions might fail.

    PR1333991

  • On NFX150 devices running Junos OS Release 18.1, file copy operation by a user with no super-user permissions might fail.

    PR1333995

  • On NFX150 devices running Junos OS Release 18.1, extracting contents of an archived file by using the tar -xzvf command might fail.

    PR1334485

  • On NFX150 devices running Junos OS Release 18.1, the op command, which is used to execute python scripts that are residing on the JCP might fail and result in an error. As a workaround, delete the configuration knob system scripts op allow-url-for-python and re-run the op command by using CLI.

    PR1360806

  • During BIOS upgrade process, it does not display the existing BIOS version or the new BIOS version to which it is being upgraded. Similarly, it does not display the BIOS version when a lower version of BIOS is getting upgraded to a higher version of BIOS.

    PR1342573

  • On NFX150 devices running Junos OS Release 18.1, after upgrading the image, the SYSHMD error messages are observed only once.

    PR1341005

  • On NFX150 devices running Junos OS Release 18.1, after upgrading the image, FPC0, FPC1 IFL error messages are observed only once.

    PR1341583

  • On NFX150 devices running Junos OS Release 18.1, request ca-certificate command fails. CA Trust certificates cannot be installed on the device.

    PR1343474

  • On NFX150 devices running Junos OS Release 18.1, the MTU of an heth interface cannot be set. The configuration knob of set vmhost interfaces heth-X-Y mtu is not supported.

    PR1346876

  • On the NFX150 running Junos OS Release 18.1, the rssi value for Wireless Model interface cl-1/1/0 shows negative value.

    PR1344377

Resolved Issues

This section lists the issues fixed in the Junos OS main release and the maintenance releases for NFX Series devices.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 18.1R3

Junos Control Plane (NFX150)

  • On NFX150 devices running Junos OS Release 18.1, the file-copy operation by a user with no super-user permissions might fail.PR1333995

Resolved Issues: 18.1R2

Junos Control Plane (NFX150)

  • Under some circumstances, FPC0 ukern of NFX150 may crash and restart. The FPC recovers automatically and it does not crash again after the recovery. There is no known workaround. PR1347629

  • On NFX150 devices running Junos OS Release 18.1, jdmd core is observed after configuration changes failed to commit.

    PR1348783

  • On NFX150 devices running Junos OS Release 18.1, while changing port mapping configuration on FPC0 and FPC1 interfaces by using expansion module, memory corruption is detected in low memory and DMA Write errors are observed.

    PR1325585

  • On NFX150 devices running Junos OS Release 18.1, there could be a core related to Key Management Daemon (kmd) during some configuration changes. The issue is very rare.

    PR1330280

  • On NFX150 devices running Junos OS Release 18.1, vm core is observed while downloading the image from PHS.

    PR1330487

  • On NFX150 devices running Junos OS Release 18.1, mac-table entries are not updated with topology change notification (TCN).

    PR1326593

  • On NFX150 devices running Junos OS Release 18.1, with default LTE configuration, the PHC on the device will not be able to communicate with Juniper redirect server with LTE as the only link on the device. The name resolution of Juniper redirect server will fail without fixing this issue.

    PR1342499

Juniper Device Manager (NFX250)

  • On NFX250 devices running Junos OS Release 18.1, if the same VLAN ID is used in two different cross-connect configurations, the commit will not fail.

    PR1346698

Resolved Issues: 18.1R1

Juniper Device Manager (NFX250)

  • If a VNF requests for more memory than the available system memory, commit might go through without any errors resulting in VNF going into a shut off state. As a workaround, use the show system visibility memory command to check the available free memory before spawning a VNF. Alternatively, check the log files and the VNF shut off reason will be captured in /var/log/syslog file. PR1221647

  • While spawning a VNF, there might not be a commit check for the valid image type supported. PR1221642

Documentation Updates

This section lists the errata and changes in Junos OS Release 18.1R3 for the NFX Series documentation.

New Simplified Documentation Architecture

  • With the release of Junos OS Release 18.1, Juniper is simplifying its technical documentation to make it easier for you to find information and know that you can rely on it when you find it. In the past, we organized documentation about Junos OS software features into platform-specific documents. In many cases, features are supported on multiple platforms, so you might not easily find the document you want for your platform.

    With Junos OS Release 18.1, we have eliminated the platform-specific software feature documents. For example, if you want to find documentation on OSPF, there is only one document regardless of which platform you have. Here are some of the benefits of our new simplified architecture:

    • Over time, you will see better search results when looking for Juniper documentation. You will be able to find what you want faster and be assured that is the right document.

    • If a software feature is supported on multiple platforms, you can find information about all the platforms in one place.

    • Because we have eliminated many documents that covered similar topics, you will now find one document with all the information.

    • You can know that you are always getting the most current and accurate information.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the NFX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information on EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Basic Procedure for Upgrading to Release 18.1

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Junos OS Administration Library.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 18.1R3 on NFX250 devices:

  1. Using a Web browser, navigate to the NFX250 software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/?p=nfx250#sw

  2. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the Download Software page.
  3. In the Install Package section of the Software tab, select the software package for the release.
  4. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  5. Review and accept the End User License Agreement.
  6. Download the software to a local host.
  7. Copy the software to the device or to your internal software distribution site.
  8. Install the new package on the device. Use the following command to install the package:
    root@jdm>request system software add source/jinstall-host-nfx-2-flex-x86-64-18.1R3-secure-signed.tgz reboot

    Replace source with the path name of the local directory on the device, for example, /var/tmp.

    Adding the reboot command reboots the device after the upgrade is validated and installed. When the reboot is complete, the device displays the login prompt. The loading process might take 5 to 10 minutes. Rebooting occurs only if the upgrade is successful.

    Note

    After you install a Junos OS Release 18.1R3 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command.

To download and install Junos OS Release 18.1R3 on NFX150 devices:

  1. Using a Web browser, navigate to the NFX150 software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/?p=nfx150#sw

  2. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the Download Software page.
  3. In the Install Package section of the Software tab, select the software package for the release.
  4. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  5. Review and accept the End User License Agreement.
  6. Download the software to a local host.
  7. Copy the software to the device or to your internal software distribution site.
  8. Install the new package on the device. Use the following command to install the package:
    root@nfx150>request vmhost software add source/jinstall-host-nfx-3-x86-64-18.1R3-secure-signed.tgz reboot

    Replace source with the path name of the local directory on the device, for example, /var/public.

    Adding the reboot command reboots the device after the upgrade is validated and installed. When the reboot is complete, the device displays the login prompt. The loading process might take 5 to 10 minutes. Rebooting occurs only if the upgrade is successful.

    Note

    After you install a Junos OS Release 18.1R3 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command.

Product Compatibility

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.

To determine the features supported on NFX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at: https://pathfinder.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.

Software Version Compatibility

This section lists the vSRX and Cloud CPE Solution software releases that are compatible with the Junos OS releases on the NFX150 and NFX250 platforms:

NFX150 Software Version Compatibility

This section lists the vSRX software releases that are compatible with the Junos OS releases on the NFX150 platform:

Table 1: Software Compatibility Details with only vSRX Installed

NFX150 Junos OS Release

vSRX

18.1R1

18.1R1

18.1R2

18.1R2

18.1R3

18.1R3

NFX250 Software Version Compatibility

This section lists the vSRX and Cloud CPE Solution software releases that are compatible with the Junos OS releases on the NFX250 platform:

Table 2: Software Compatibility Details with vSRX and Cloud CPE Solution

NFX250 Junos OS Release

vSRX

Cloud CPE Solution

15.1X53-D40.3

15.1X49-D40.6

Cloud CPE Solution 2.0

15.1X53-D41.6

15.1X49-D61

Cloud CPE Solution 2.1

15.1X53-D102.2

15.1X49-D61

Cloud CPE Solution 3.0

15.1X53-D47.4

15.1X49-D100.6

Cloud CPE Solution 3.0.1

15.1X53-D490

15.1X49-D143

Cloud CPE Solution 4.0

15.1X53-D495

15.1X49-D160

Cloud CPE Solution 4.1

Table 3: Software Compatibility Details with only vSRX Installed

NFX250 Junos OS Release

vSRX

15.1X53-D40.3

15.1X49-D40.6

15.1X53-D41.6

15.1X49-D40.6

15.1X53-D45.3

15.1X49-D61

15.1X53-D47.4

15.1X49-D78.3

17.2R1

15.1X49-D75

17.3R1

15.1X49-D100

15.1X53-D471

15.1X49-D143

18.1R1

18.1R1

18.1R2

18.1R2

18.1R3

18.1R3