Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for PTX Series Packet Transport Routers

 

These release notes accompany Junos OS Release 18.2R3 for the PTX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

This section describes the new features and enhancements to existing features in the Junos OS main release and the maintenance releases for the PTX Series.

Release 18.2R3 New and Changed Features

There are no new features or enhancements to existing features in Junos OS Release 18.2R3 for the PTX Series.

Release 18.2R2 New and Changed Features

Interfaces and Chassis

  • LACP hold-up timer configuration support on LAG interfaces (PTX Series)—You can configure a Link Aggregation Control Protocol (LACP) hold-up timer value for link aggregation group (LAG) interfaces.

    With transport layer issues, it is possible for a link to be physically up and still cause LACP state-machine flapping, which can adversely affect traffic on the LAG interface. To prevent excessive flapping of a child (member) link of a LAG interface due to transport layer issues, a hold-up timer value is configured. LACP monitors the PDUs received on the child link for the configured time value, but does not allow the member link to transition from the expired or default state to the current state. This configuration thus prevents excessive flapping of the member link.

    To configure the LACP hold-up timer for LAG interfaces, use the hold-time up timer-value statement at the [edit interfaces ae aeX aggregated-ether-options lacp] hierarchy level.

    See [hold-time up and Configuring LACP Hold-UP Timer to Prevent Link Flapping on LAG Interfaces.]

Release 18.2R1 New and Changed Features

Hardware

  • Next-generation fixed-configuration packet transport router (PTX Series)— Starting in Junos OS Release 18.2R1, the new PTX10002-60C features a compact, 2 U form factor that is easy to deploy in space-constrained Internet exchange locations, remote central offices, and embedded peering points throughout the network, including cloud-hosted services. The PTX10002-60C has 60 QSFP28 ports that you can configure as 100 Gbps or 40 Gbps interfaces or channelize as four 10-Gbps interfaces. The ports handle up to 6 Tbps of throughput and 4 Bpps of forwarding capacity. The PTX10002-60C is available with either AC or DC power supplies, and it has airflow out, where air comes into the vents in the port panel and exhausts through the field-replaceable unit (FRU) panel.

  • PTX10K-LC1105 MACsec line card on PTX10008 and PTX10016 routers—Starting in Junos OS Release 18.2R1, the PTX10K-LC1105 line card provides thirty 100-Gbps or 40-Gbps QSFP28 ports with MACsec features.

    [See PTX10000 Line Card Components and Descriptions.]

Class of Service (CoS)

  • Support for class of service (CoS) on PTX10002-60C routers—Starting in Junos OS Release 18.2R1, PTX10002-60C routers support CoS.

    CoS is the assignment of traffic flows to different service levels. Service providers can use router-based CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss characteristics to particular applications served by specific traffic flows.

    [See Understanding CoS CLI Configuration Statements on PTX Series Routers.]

High Availability (HA) and Resiliency

  • Resiliency support for PTX10008 and PTX10016 routers with JNP10K-RE1—Starting with Junos OS Release 18.2R1, resiliency support is enabled for PTX10008 and PTX10016 routers with the JNP10K-RE1 Routing and Control Boards (RCBs).

Interfaces and Chassis

  • Support for PTX10K-LC1105 line card (PTX10008)—Starting with Junos OS Release 18.2R1, PTX10008 routers support the PTX10K-LC1105 line card. The line card is designed to provide secure Ethernet communication across high-speed links. The card consists of 30 QSFP+ or QSFP28 Pluggable ports that are Media Access Control Security (MACsec) capable. The ports support speeds of 100 Gbps or 40 Gbps, which can be configured using the CLI.

  • Protection against distributed denial-of-service (DDoS) attacks (PTX10002-60C)—Starting in Junos OS Release 18.2R1, PTX10002-60C devices support DDoS protection for many Layer 2 and Layer 3 protocol families and packet types. DDoS attacks typically use network control packets to trigger a large number of exceptions in the network, consuming resources and crippling network operations. DDoS protection uses firewall filters and policers available in Junos OS to discard or rate-limit control plane traffic so that malicious traffic does not overwhelm and bring down a device. To configure DDoS protection, use the ddos-protection statement at the [edit system] hierarchy level to specify the desired protocol groups, control packet types, and filter parameters.

    [See Understanding Distributed Denial-of-Service Protection on PTX Series and QFX Series Devices.]

  • Channelization support (PTX Series)—Starting with Junos OS Release 18.2R1, you can use channelization functionality to subdivide a larger flexible optical interface into subinterfaces or channels. PTX Series routers have 12 ASIC circuits (PE) as a part of a Packet Forwarding Engine, and each PE switch has 5 ports (one standalone MAC port and 4 channelized MAC ports). The standalone MAC ports cannot be channelized. On the router, you can channelize 48 ports out of the available 60 ports.

    By default, the ports come up in a mode that does not support channelization.

    To enable channelization on an interface:

    [See Channelizing Interfaces.]

  • Enhanced fault management features—Starting with Junos OS Release 18.2R1, PTX10001 routers support the configuration of error thresholds and actions at the error scope and error category levels. Use the set chassis fpc fpc-slot error scope error-scope category category (fatal | major | minor) threshold error-threshold action (alarm | disable-pfe | get-state | offline | log | reset) command to configure an error threshold and action for a particular error scope and category at the FPC level. This feature can also be configured at the chassis level (at the [edit chassis] hierarchy). You can also disable an error or modify the severity of a particular error at the error ID level.

    You can use the show chassis fpc errors command to view the error information at the error scope and category level.

Junos Telemetry Interface

  • Streaming OpenConfig data from Routing Engine sensors over UDP in protobuf format (MX Series, PTX Series, QFX Series)—Starting in Junos OS Release 18.2R1, you can stream OpenConfig-based sensor data from Routing Engine sensors by using the Junos Telemetry Interface (JTI). JTI enables to stream the OpenConfig sensor data in gRPC/protobuf format rather than in key/value pairs. Using the protobuf format is more efficient and makes the messages smaller.

    [See Overview of the Junos Telemetry Interface.]

  • Routing Engine state sensors for the Junos Telemetry Interface (MX Series, PTX Series)—Starting with Junos OS Release 18.2R1, you can export statistics for the Routing Engine state through the Junos Telemetry Interface using the following resource paths:

    • /junos/kernel-ifstate/stats/churn-rate

    • /junos/kernel-ifstate/stats/peer-consumption-rate

    • /junos/kernel-ifstate/stats/vetos-statistics

    Only gRPC streaming is supported.

    To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires you to download the OpenConfig for Junos OS module.

    Support for the Junos Telemetry Interface was introduced on QFX10000 and QFX5200 switches in Junos OS Release 17.2R1.

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • Expanded ON_CHANGE support for Junos Telemetry Interface (JTI) (MX Series, PTX Series)—Starting with Junos OS Release 18.2R1, OpenConfig support through remote procedure call (RPC) and JTI is extended to support additional ON_CHANGE sensors for some endpoints under resource paths /interfaces/interface/state and /interfaces/interface/subinterfaces/subinterface/state/.

    Periodical streaming of OpenConfig operational states and counters collects information at regular intervals. ON_CHANGE support streams operational states as events (only when there is a change), and is preferred over periodic streaming for time-sensitive missions.

    To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires you to download the OpenConfig for Junos OS module.

    To enable ON_CHANGE support, configure the sample frequency in the subscription as zero. When you create a subscription using a top-level container as the resource path (for example, /interface), leaf devices under the resource path /interface with ON_CHANGE support are automatically streamed based on events. Other leaf devices will not be streamed.

    Before events are streamed, there is an initial stream of states to the collector, followed by an END_OF_INITIAL_SYNC. This notice signals the start of event streaming.

    [See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • J-Insight Device Monitor (PTX Series)—J-Insight is a data-driven device-monitoring solution that provides visibility and insight into the health of a running system. Starting with Junos OS Release 18.2R1, the J-Insight framework facilitates real-time monitoring of system resources for FPC FRUs. It also has been integrated with the existing connectivity error management infrastructure to normalize error detection, monitoring, and reporting. J-Insight is an on-premise system application that uses the Junos Telemetry Interface to continuously collect data that reflect the current state and health of the device component being monitored.

    [See J-Insight Device Monitor Overview.]

Layer 3 Features

  • Support for Layer 3 unicast features on PTX10002-60C—Starting in Junos OS Release 18.2R1, PTX10002-60C routers support the following Layer 3 features for unicast IPv4 and IPv6 traffic:

    • OSPF

    • IS-IS

    • BGP

MPLS

  • LDP support (PTX10002-60C)—Starting in Junos OS Release 18.2R1, the PTX10002-60C router supports the Label Distribution Protocol (LDP). LDP is a protocol for distributing labels in non-traffic-engineered applications. LDP enables routers to establish label-switched paths (LSPs) through a network by mapping network-layer routing information directly to data link layer-switched paths. [ See MPLS Applications User Guide for Routing Devices.]

  • RSVP support (PTX10002-60C)—Starting in Junos OS Release 18.2R1, the PTX10002-60C router supports RSVP. RSVP is a resource reservation setup protocol that is used by both network hosts and routers. Hosts use RSVP to request a specific class of service (CoS) from the network for particular application flows. Routers use RSVP to deliver CoS requests to all routers along the datapath. RSVP can also maintain and refresh states for a requested CoS application flow. [ See MPLS Applications User Guide for Routing Devices.]

  • MPLS capabilities (PTX10002-60C)—Starting in Junos OS Release 18.2R1, MPLS capabilities are available on the PTX10002-60C router. MPLS provides both label edge router (LER) and label-switching router (LSR) capabilities, and supports the following features:

    • Object access method, including ping, traceroute, and Bidirectional Forwarding Detection (BFD)

    • Fast reroute (FRR) which is a component of MPLS local protection. Both one-to-one local protection and many-to-one local protection are supported.

    • Loop-free alternate (LFA)

    • IPv6 Provider Edge (6PE) and IPv6 VPN Provider Edge (6VPE) devices

    • Layer 3 VPNs for both IPv4 and IPv6

    • Layer 2 circuit

    [ See MPLS Applications User Guide for Routing Devices.]

  • Support for IS-IS segment routing (PTX10002-60C)—Starting in Junos OS Release 18.2R1, IS-IS segment routing support is enabled through MPLS. Junos OS IS-IS implementation allocates node segment label blocks to support segment routing node segments. It also provides a mechanism to the network operator to provision an IPv4 or IPv6 address family node segment index. To configure segment routing (also known as source packet routing), use the following configuration statements at the [edit protocols isis] hierarchy level:

    • source-packet-routing

    • node-segment

    • use-source-packet-routing

    • no-advertise-adjacency-segment

    [ See IS-IS User Guide.]

  • Egress peer engineering of service labels (such as BGP and MPLS) and egress peer protection for BGP-LU (PTX10002-60C)—Starting in Junos OS Release 18.2R1, you can enable traffic engineering of service traffic, such as MPLS LSP traffic between autonomous systems (ASs), by using BGP-labeled unicast for optimum utilization of the advertised egress routes. You can specify one or more backup devices for the primary egress AS boundary router. Junos OS installs the backup path in addition to the primary path in the MPLS forwarding table, which enables MPLS fast reroute (FRR) when the primary link fails. It provides support for the FRR protection backup scheme to perform an IP lookup to determine a new egress interface.

    [See Configuring Egress Peer Traffic Engineering by Using BGP Labeled Unicast and Enabling MPLS Fast Reroute.]

  • IPv6 tunneling over an MPLS-based IPv4 network (PTX10002-60C)—Starting in Junos OS Release 18.2R1, tunneling enables you to connect IPv6 sites over an IPv4 MPLS-enabled backbone. IPv6 packets are carried over an IPv4 MPLS tunnel. To enable this service, you need to deploy provider edge (PE) routers that can run IPv4, MPLS, and BGP toward the core and IPv6 toward the edge.

    [ See Example: Tunneling IPv6 Traffic over MPLS IPv4 Networks.]

  • MPLS inter-AS link protection (PTX10002-60C)—Starting in Junos OS Release 18.2R1, MPLS inter-AS link protection is supported. Link protection is essential in an MPLS network to ensure traffic restoration in case of an interface failure. The ingress router will then choose an alternate link through another interface to send traffic to its destination.

    For an MPLS inter-AS environment, link protection can be enabled when labeled-unicast is used to send traffic between autonomous systems (ASs). To configure link protection on an interface, the protection statement is introduced at the [edit protocols bgp group group-name family inet labeled-unicast] hierarchy level.

    [ See Understanding MPLS Inter-AS Link Protection.]

Multicast

  • Support for multicast protocols (PTX10002-60C) routers—Starting in Junos OS Release 18.2R1, PTX10002-60C routers support the following multicast protocols:

    • Protocol Independent Multicast sparse mode— PIM sparse mode enables efficient routing to multicast groups with receivers sparsely spread over multiple networks. To configure PIM sparse mode, include the pim statement at the [edit protocols] hierarchy level. PIM sparse mode supports static RP addresses, bootstrap routers, automatic RP announcement and discovery, and anycast RP functionality.

      [See Understanding PIM Sparse Mode.]

    • PIM source-specific multicast (PIM SSM)— PIM source-specific multicast uses a subset of PIM sparse mode and IGMPv3 to enable a client to receive multicast traffic directly from the source. PIM source-specific multicast uses the PIM sparse-mode functionality to create a shortest-path tree (SPT) between the client and the source, but builds the SPT without the help of a rendezvous point.

      [See Understanding PIM Source-Specific Mode.]

    • Internet Group Management Protocol (IGMP)—IGMP manages the membership of hosts and routing devices in multicast groups.

Network Management and Monitoring

  • sFlow functionality introduced on PTX1000 and PTX10000—Starting in Junos OS Release 18.2R1, the PTX1000 and PTX10000 routers support sFlow, a network monitoring protocol for high-speed networks. With sFlow, you can continuously monitor tens of thousands of ports simultaneously. The mechanism used by sFlow is simple, not resource intensive, and accurate. An sFlow agent embedded in a network device samples packets and gathers interface statistics and sends the information to a monitoring station called a collector for analysis. An sFlow agent can be implemented in a distributed model. In such a case, each subagent has a separate subagent ID and is responsible for monitoring a set of network ports. The subagents share a common agent address.

    [See Configuring sFlow Technology for Network Monitoring (CLI Procedure) and sflow.]

  • Support for Junos Space Service Now (PTX10008 and PTX10016)—Starting in Junos OS Release 18.2R1, PTX10008 and PTX10016 routers support Junos Space Service Now. Junos Space Service Now is an application that runs on the Junos Space Network Management Platform to automate fault management and accelerate issue resolution.

    [See Junos Space Service Now.]

  • Support for port mirroring on PTX10002-60C routers—Starting in Junos OS Release 18.2R1, PTX10002-60C routers supports port mirroring. Port mirroring copies packets entering or exiting a port and sends the copies to a local interface for local monitoring. You can use port mirroring to send traffic to applications that analyze traffic for purposes such as monitoring compliance, enforcing policies, detecting intrusions, monitoring and predicting traffic patterns, correlating events, and so on.

    [See Configuring Port Mirroring.]

Operation, Administration, and Maintenance (OAM)

  • Connectivity fault management (CFM) support (PTX Series)—Starting with Junos OS Release 18.2R1, PTX5000 routers with FPC-P2 support Ethernet OAM CFM on the child links of tagged aggregated Ethernet bundles for IPv4 traffic, thereby enabling you to monitor faults on those child links.

    The CFM supports fault monitoring and path discovery functionalities.

    Note

    To enable CFM on an Ethernet interface, you must configure maintenance domains, maintenance associations, and maintenance association end points (MEPs).

    [See IEEE 802.1ag OAM Connectivity Fault Management Overview .]

Routing Policy and Firewall Filters

  • Support for firewall filters and policers on PTX10002-60C routers—Starting in Junos OS Release 18.2R1, you can define firewall filters on the PTX10002-60C routers that define whether to accept or discard packets. The PTX10002-60C routers support IPv4 filters, IPv6 filters, and MPLS filters.

    You can also use policing to apply limits to traffic flow and specify the action to be taken for packets that exceed those limits.

    [See Firewall Filters Overview.]

Services Applications

  • Support for multiple flow collectors for inline flow monitoring (PTX Series)—Starting in Junos OS Release 18.2R1, you can export flow records generated by inline flow monitoring to four collectors under a family with the same source IP address. The Packet Forwarding Engine can export the flow record, flow record template, option data, and, option data template packet to all configured collectors. You can configure the multiple collectors at the [edit forwarding-options sampling instance instance name] hierarchy level.

    [See Monitoring Network Traffic Flow Using Inline Flow Monitoring on PTX Series Routers.]

  • Support for inline flow monitoring (PTX10008 and PTX10016)—Starting in Junos OS Release 18.2R1, Junos OS supports inline active flow monitoring. Inline active flow monitoring supports version 9 and IPFIX flow collection templates. Version 9 template is supported for IPv4, IPv6, and MPLS. IPFIX template is supported for IPv4, IPv6, and MPLS. Both IPFIX and version 9 templates use UDP as the transport protocol.

    [See Monitoring Network Traffic Flow Using Inline Flow Monitoring on PTX Series Routers.]

  • Support for MPLS, MPLS-IPv4, and MPLS-IPv6 inline active flow monitoring (PTX Series)—Starting in Junos OS Release 18.2R1 on PTX Series routers, you can perform inline flow monitoring for MPLS, MPLS-IPv4, and MPLS-IPv6 traffic. Both IPFIX and version 9 templates are supported. Inline flow monitoring for MPLS-over-UDP flows was supported in Junos OS Release 18.1R1.

    [See Configuring Inline Active Flow Monitoring on PTX Series Routers.]

Software Installation and Upgrade

  • Zero Touch Provisioning (PTX3000, PTX5000, PTX10008, PTX10016)—Starting in Junos OS Release 18.2R1, Zero Touch Provisioning (ZTP) is supported to automate the provisioning of the device configuration and software image with minimal manual intervention.

    When you physically connect a router to the network and boot it with a factory configuration, the router attempts to upgrade the Junos OS software image automatically and autoinstall a configuration file from the network through the management interface on PTX5000, PTX3000, PTX10008, and PTX10016 routers. The router uses information configured on a DHCP server to locate the necessary software image and configuration files on the network. If you have not configured the DHCP server to provide this information, the router boots with the preinstalled software and factory-default configuration. The ZTP process either upgrades or downgrades the Junos OS version.

    [See Understanding Zero Touch Provisioning and Configuring Zero Touch Provisioning.]

  • ZTP support (PTX10002-60C switch)—Starting with Junos OS Release 18.2R1, Zero Touch Provisioning, automates the provisioning of the device configuration and software image with minimal manual intervention, and is supported on PTX10002-60C VM hosts. When you physically connect a supported device to the network and boot it with a factory configuration, the device attempts to upgrade the Junos OS software image automatically and autoinstall a configuration provided on the DHCP server.

    [See Zero Touch Provisioning.]

System Management

  • Support for request vmhost and show vmhost commands (PTX10002-60C switches)—Starting in Junos OS Release 18.2R1, many of the request system and show system commands have been replaced with request vmhost and show vmhost commands.

    Here is a list of the vmhost commands that are now supported:

    • request vmhost cleanup

    • request vmhost file-copy

    • request vmhost halt

    • request vmhost hard-disk-test

    • request vmhost power-off

    • request vmhost power-on

    • request vmhost reboot

    • request vmhost snapshot

    • request vmhost software add

    • request vmhost software rollback

    • request vmhost zeroize

    • show vmhost bridge

    • show vmhost crash

    • show vmhost hard-disk-test

    • show vmhost hardware

    • show vmhost information

    • show vmhost logs

    • show vmhost management-if

    • show vmhost netstat

    • show vmhost processes

    • show vmhost resource-usage

    • show vmhost snapshot

    • show vmhost status

    • show vmhost uptime

    • show vmhost version

    [See VM Host Operations and Management for more information.]

  • New tool to detect high CPU utilization for routing protocol process (PTX Series)—Starting in Junos OS Release 18.2R1, a flight recorder tool is introduced to gather historical data on when the CPU utilization for the routing protocol process on a device was high and what processes caused the high utilization. The tool collects snapshots of data, enabling detection of high CPU usage and faster resolution of issues.

    Because some of the high CPU utilization cases are intentional or expected, you can enable and disable the flight recorder tool to avoid false alarms.

    [See request flight-recorder set high-cpu and show flight-recorder status.]

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 18.2R3 for the PTX Series.

High Availability (HA) and Resiliency

  • commit fast-synchronize option not supported for products with single Routing Engine (PTX Series)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing Engine for which chassis redundancy graceful-switchover is not supported. This option commit fast-synchronize is disabled from the CLI.

Interfaces and Chassis

  • Power supply alarm is not raised when the input switch status is OFF or power is not connected (PTX10008, PTX10016)—Starting in Junos OS Release 18.2R1, the power supply alarm A power supply input has failed is not raised if the INP1/INP2 switch status if off and the power is not connected. In earlier releases, an alarm is raised for the power entry module (PEM) that are not powered on as Not Powered irrespective of the switch state. Now, to know the power supply status, execute the show chassis power or show chassis power detail CLI command. The DC input is the new output parameter that provides information about the status of the input feed.

    Previous behavior:

    user@host> show chassis power

    Current behavior:

    user@host> show chassis power

    [See show chassis power.]

  • New XML tag element <lacp-hold-up-state> added in show lacp interfaces XML display (PTX Series)—In Junos OS Release 18.2R3, the show lacp interfaces | display xml command displays a new XML tag element <lacp-hold-up-state>. The <lacp-hold-up-state> displays the time interval that an interface holds before it changes state from down to up. In earlier Junos OS releases, the LACP hold-up information for all interfaces were displayed in a single <lacp-hold-up-information> XML tag. Now, for each interface, the LACP hold-up information is displayed in a separate <lacp-hold-up-information> XML tag.

  • New option for configuring IP addresses when the Routing Engine is the current master—In Junos OS Release 18.2R3, a new option, master-only, is supported on routers with RE-MX-X6, RE-MX-X8, and RE-PTX-X8 Routing Engines at the following hierarchies:

    • [edit vmhost interfaces management-if interface (0|1) family inet address IPv4 address]

    • [edit vmhost interfaces management-if interface (0|1) family inet6 address IPv6 address]

    In routing platforms with dual Routing Engines and VM host support, the master-only option enables you to configure the IP address to be used for the VM host when the Routing Engine is the current master. The master Routing Engine and the backup Routing Engine can have independent host IP addresses configured. In earlier Junos OS releases, the same IP address is applied on the master and backup Routing Engines, resulting in configuration issues.

Junos OS XML API and Scripting

  • Junos XML protocol <open-configuration> operation no longer emits an uncommitted changes warning (PTX Series)—Starting in Junos OS Release 18.2R1, the Junos XML protocol <open-configuration> operation does not emit an "uncommitted changes will be discarded on exit" warning message when opening a private copy of the candidate configuration. However, Junos OS still discards the uncommitted changes upon closing the private copy.

  • MD5 and SHA-1 hashing algorithms are no longer supported for script checksums (PTX Series)—Starting in Junos OS Release 18.2R2, Junos OS does not support configuring an MD5 or SHA-1 checksum hash to verify the integrity of local commit, event, op, SNMP, or Juniper Extension Toolkit (JET) scripts or support using an MD5 or SHA-1 checksum hash with the op url url key option to verify the integrity of remote op scripts.

Junos Telemetry Interface

  • Change to the configuration location for gRPC-based sensor subscriptions from an external collector (PTX Series)—Starting in Junos OS Release 18.2R1, when an external streaming server, or collector, provisions sensors to export data through gRPC on devices running Junos OS, the sensor configuration is committed to the junos-analytics instance of the ephemeral configuration database, and the configuration can be viewed by using the show ephemeral-configuration instance junos-analytics operational command. In earlier releases, the sensor configuration is committed to the default instance of the ephemeral configuration database.

MPLS

  • New debug statistics counter (PTX Series)—The show system statistics mpls command has a new output field, called Packets dropped, over p2mp composite nexthop, to record the packet drops over composite point-to-multipoint next hops.

Network Management and Monitoring

  • New context-oid option for trap-options configuration statement to distinguish the traps that come from a nondefault routing instance and nondefault logical system (PTX Series)—In Junos OS Release 18.2R1, a new option, context-oid, for the trap-options statement allows you to handle prefixes such as <routing-instance name>@<trap-group> or <logical-system name>/<routing-instance name>@<trap-group> as an additional varbind.

    [See trap-options.]

  • Junos OS does not support management of YANG packages in configuration mode (PTX Series)—Starting in Junos OS Release 18.2R2, adding, deleting, or updating YANG packages using the run command in configuration mode is not supported.

  • No chassis alarm when power consumption by an FPC exceeds 90% or 100% of the allocated power budget—Starting in Junos OS Release 18.2R2, the PTX5000 routers do not raise a chassis alarm in the following events:

    • Power consumption by an FPC exceeds 90% of the allocated power budget.

    • Power consumption by an FPC exceeds 100% of the allocated power budget (in this case, a system log is registered).

  • The NETCONF server omits warnings in RPC replies when the rfc-compliant statement is configured and the operation returns <ok/> (PTX Series)—Starting in Junos OS Release 18.2R2, when you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level to enforce certain behaviors by the NETCONF server, if the server reply after a successful operation includes both an <ok/> element and one or more <rpc-error> elements with a severity level of warning, the warnings are omitted. In earlier releases, or when the rfc-compliant statement is not configured, the NETCONF server might issue an RPC reply that includes both an <rpc-error> element with a severity level of warning and an <ok/> element.

  • Change in error severity (PTX10016)—Starting in Junos OS Release 18.2R3, on PTX10016 routers, the severity of the FPC error, shown in the syslog as PE Chip::FATAL ERROR!! from PE2[2]: RT: Clear Fatal if it is detected LLMEM Error MEM:llmem, MEMTYPE: 1, is changed from fatal to non-fatal (or minor). If this error occurs, the message is displayed for informational purposes only. To view the error details, you can use the show commands show chassis fpc errors and show chassis errors active.

    [See show chassis fpc errors]

Routing Policy and Firewall Filters

  • Error caused by firewall filters with syslog and accept action (PTX1000 or PTX series routers with type 3 FPCs)—In Junos OS Release 18.2R3, under rare circumstances, the host interface might stop sending packets and the connections to and from the peer might fail if an outbound firewall filter is configured with an action of syslog and accept. This condition applies to IPv4 and IPv6 traffic families. To avoid this issue, do not use the syslog and accept action in the output filter for these systems.

    An example configuration is provided (shows IPv4).

    [For more information, see PR 1354580.]

Software Installation and Upgrade

  • New DHCP option introduced for ZTP retry (PTX Series)—Starting in Junos OS Release 18.2R1, a new DHCP option is introduced to set the timeout value for the file downloads over FTP. If the transfer-mode is set as FTP, the default value for the timeout is automatically set as 120 minutes. That is, if the FTP session gets interrupted due to loss of connectivity in the middle of a file transfer, it will time out after 120 minutes and ZTP will attempt to retry the file-fetching process. This value can be overridden using the DHCP option as follows:

    where “val” is the user configurable timeout value in seconds and must be provided within double quotation marks (for example, "val").

  • ssh-keygen output is tagged in XML (PTX1000)—In Junos OS Release 18.2R2, the ouput of the ssh-keygen utility that is invoked when generating the ssh keys, is now in its XML form, and is wrapped in <output> tags. You can see this in the console output at the time a device boots up with a new image.

    [See Junos OS Installation Package Names.]

Subscriber Management and Services

  • DHCPv6 lease renewal for separate IA renew requests (PTX Series)—Starting in Junos OS Release 18.2R2, the jdhcpd process handles the second renew request differently in the situation where the DHCPv6 client CPE device does both of the following:

    • Initiates negotiation for both the IA_NA and IA_PD address types in a single solicit message.

    • Sends separate lease renew requests for the IA_NA and the IA_PD and the renew requests are received back-to-back.

    The new behavior is as follows:

    1. When the reply is received for the first renew request, if a renew request is pending for the second address type, the client stays in the renewing state, the lease is extended for the first IA, and the client entry is updated.

    2. When the reply is received for the second renew request, the lease is extended for the second IA and the client entry is updated again.

    In earlier releases:

    1. The client transitions to the bound state instead of staying in the renewing state. The lease is extended for the first IA and the client entry is updated.

    2. When the reply is received for the second renew request, the lease is not renewed for the second address type and the reply is forwarded to the client. Consequently, when that lease ages out, the binding for that address type is cleared, the access route is removed, and subsequent traffic is dropped for that address or address prefix.

    [See Using DHCPv6 IA_NA with DHCPv6 Prefix Delegation Overview.]

Known Behavior

This section contains the known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.2R3 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • When an FPC goes offline or restarts, FPC x sends traffic to FPC y. The following error messages are displayed and a corresponding alarm is set on the destination FPC. Specific to PTX10000 line of devices, the transient alarm is set when this condition occurs. The alarm clears later when the source FPC goes offline. Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210613), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000010: Grant spray drop due to unspray-able condition error Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210614), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000008: Request spray drop due to unspray-able condition error PR1268678

  • In the specific case of semigraceful RCB reboot initiated by the internal shell command: vhclient init 0, GRES takes longer to complete; that is, 3 minutes as opposed to 21 seconds. The regular CLI command: request vmhost reboot (graceful) and a jack-out-jack-in of the Routing Engine (ungraceful) do not exhibit this delay. PR1312065

  • MPLS Ingress LSP statistics are not supported. PR1337814

  • When unsupported sensors are configured, the sensors are subscribed to on the device, but no data is exported. PR1339559

  • Micro-BFD configuration with interface addresses is not supported on PTX Series devices (and QFX Series devices) on FPC3. PR1341513

  • The Routing Engine boots from the secondary disk when you:

    a) Press the reset button on the RCB front panel while the Routing Engine is booting up but before Junos OS is up.

    b) Upgrade software, by booting from the network using the request vmhost reboot network command, and the system fails to boot from the network.

    c) Upgrade BIOS and the upgrade fails.

    d) Reboot and the system hangs before Junos OS is up. PR1344342

  • Due to a ZH ASIC limitation, MAC statistics under show interface in the Routing Engine might not reflect Mac error Counters properly if the ingress packet size is greater than the default mtu (1518) or user configured mtu size (set interface <interface-name>mtu <288...9600>PR1345779

  • Ingress LSP statistics is not supported. Only transit LSP statistics are supported, and it is limited to 24000 only. PR1355909

  • The 100-Gigabit DAC connected between QFX5200 and PTX10002-60C or QFX10002-60C does not link up. This is because BCM-based devices have link-training enabled while PE-based devices do not have link-training enabled for 100G DAC/CR4. PR1356834

  • Frequent speed changes on interface ports might cause the the relevant port's physical interface not to be created. PR1367946

  • The ingress interface and mirror interface should have the same MTU, or the mirror interface should have a higher MTU than the ingress interface. PR1372321

  • The set interfaces <interface-name>gigether-options fec <fec74/fec91/none> configuration is not supported for JNP hardware running Junos for PTX1000-M20C. PR1388140

  • A LU-BGP traffic loss is seen on link-up. When link is made up, there might be a race condition between ingress using the new path and transit programming the label route. Because, the ingress might prematurely use the new link that is dropped at transit as transit has not programmed the label route yet. A v4/v6 traffic loss is seen on link up/down. In some scenario, indirect next-hop changes from old path to better new path. But the indirect next-hop starts using the new better path before the new better path (forwarding next-hop) gets programmed in Packet Forwarding Engine. A v4/v6 traffic loss is seen on link up. When link is made up, there might be a race condition between ingress using the new path by doing indirect next-hop change and transit doing indirect next-hop change to use a better path. If ingress is faster than transit in doing indirect next-hop change, then, the traffic at transit is forwarded to ingress and ingress loops it back to transit resulting in a micro loop until transit programs the indirect next-hop change. PR1400784

  • When a member link gets deleted or deactivated from an aggregated Ethernet bundle or the the link goes down, on which the inline BFD session is currently established, the BFD session might flap. This is a day-one limitation of the inline BFD design on PTX Series routers. PR1401342

Infrastructure

  • When Layer 3 interface comes up, there can be mismatch in IFL counters between Routing Engine and Jvision. This mismatch pertains to ARP/GARP packets. As ARP/GARP packet that gets initiated the moment Layer 3 interface comes up (from spirent/DUT) Routing Engine ends up having one packet less on IFL. PR1361282

Interfaces and Chassis

  • Upgrading Junos OS Release 14.2R5 and later maintenance releases and Junos OS Release 16.1 and later mainline releases with CFM configuration might cause the cfmd process to crash after upgrade. This is because of the old version of /var/db/cfm.db. PR1281073

  • On PTX10008 and PTX10016 routers, if you remove the redundant Switch Interface Board (SIB) after upgrading Junos OS from Release 17.4R1 or Release 17.2X75-D90 to a later release, then an alarm is not generated. This is a known behavior and has no impact on the performance of the router.

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 18.2R3 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Forwarding and Sampling

  • The show firewall filter command does not display policers counters for filters that reference three-color policers. PR1364673

General Routing

  • In a rare race condition, multiple interrupts are not handled properly on MX platform with MPC7E/MPC8E/MPC9E and PTX platform with FPC3-PTX-U2/FPC3-PTX-U3, which could lead to a core-dump. This condition is difficult to reproduce. As a workaround, the interrupt code is optimized to avoid the unnecessary call to prevent the issue. PR1208536

  • The following error messages occur during GRES and unified ISSU: syslog errors @ agentd_rts_async_rtbm_msg : FLM : Failed to create private. PR1232636

  • On the third-generation FPCs of PTX Series routers (PTX3000, PTX5000 FPC3, PTX1000) if the protocols mpls no-propagate-ttl command is configured, the MPLS TTL field can be reset to 255 in the packets where a label swap operation is performed. PR1287473

  • On a PTX Series PIC with a CFP2-DCO-T-WDM transceiver installed, after repeated configuration rollbacks, the link sometimes takes a long time to come up. PR1301462

  • When a CFP2-DCO-T-WDM-1 transceiver is plugged in a PTX Series PIC, after the FPC restarts, sometimes carrier frequency offset TCA is increased even when TCA not enabled. PR1301471

  • Next Generation Routing Engine (NG-RE) with models RE-S-X6-64G, RE-S-2X00x6 and RE-PTX-X8-64G on MX or PTX platform may encounter a transient system freeze of the Linux based host (VMHost) for about 20-35 seconds, causing protocol flaps, FPC restart and mastership switch between Routing Engines. Due to incorrect handling of the disk IO commands, a disk I/O timeout is reported and the system will recover by resetting of the solid-state drives (SSD) channel. The system will continue to operate correct after such an event. PR1312308

  • On a PTX Series router with a third-generation FPC, an error message is displayed when the FPC goes online or offline. PR1322491

  • On PTX Series devices with TQ-chip cards (for example, FPC1 or FPC2) and class of service (CoS) used, a high-priority queue might not get the entire configured bandwidth. PR1324853

  • Protocol-based classification for host-bound traffic does not work. Due to the missing classification, protocol-specific (BGP and OSPF, etc.) statistics are not accounted for correctly. PR1328631

  • On a 30-Port MACsec-enabled line card (LC1101-M - 30C / 30Q / 96X) of PTX10008 chassis, when the exclude-protocol lacp configuration statement at the [edit security macsec connectivity-association connectivity-association-name], hierarchy level is deleted or deactivated, the LACP Protocol's Mux State shown under the output of the CLI command show lacp interface, might remain as "attached" or "detached" and might not transition to "distributing" state.PR1331412

  • Some default Routing Engine sensors are subscribed as part of default j-insight package. PR1339329

  • The same port range (0..19) is used for both PIC 0 and PIC 1. PR1342081

  • PTX3000 reports CCL (chip-to-chip link) CRC errors when FPC3-SFF-PTX-1X is taken offline through a CLI command or by pressing the offline button. A syslog error is generated by the FPC just before it goes offline, so there is no detectable traffic loss. PR1348733

  • On Next Generation Routing-Engine (NG-RE), a failure of the Hardware Random Number Generator (HWRNG) will leave the system in a state where there are not enough entropy available to operate. PR1349373

  • The host path statistics of the Routing Engine and Packet Forwarding Engine might not match. PR1353699

  • If output firewall filter is configured with the syslog or log option, the host interface might be wedged on PTX1000, PTX5000 and PTX10000. The change in this PR is to add the warning but does not prevent the problem which the host interface stop sending packets. This condition might occur if all below conditions are met:

    1) Packet which is hitting the filter term should be less than 128 bytes

    2) Output firewall filter has syslog, log or port-mirror & accept action. Sample configuration for V4 & V6:

    set interfaces<interface name> unit<unit> family inet filter output <filter-V4>

    set firewall family inet filter <filter-V4> term 1 then log

    set firewall family inet filter <filter-V4> term 1 then accept

    set interfaces <interface name> unit family inet6 filter output <filter-V6>

    set firewall family inet6 filter <filter-V6> term 1 then log

    set firewall family inet6 filter <filter-V6> term 1 then acceptPR1354580

  • On PTX1000-M20C, while configuring MAC-Sec over a 40g interface, it might lead to invariable blocking of these ports leading to traffic drop. To circumvent this issue, it is advisable to configure the 40g speed over the interfaces and reboot the box before the MacSec configuration. PR1357849

  • With aggregated Ethernet flap, OSPF session establishment might take more time than average to converge. PR1359343

  • Committing aggregated Ethernet configuration might lead to minor errors. PR1365355

  • When the TIC goes offline and comes back online, MPLS bidirectional traffic flow might stop working. PR1367920

  • Frequent speed changes on interface ports might cause the relevant port IFD not to be created. PR1367946

  • Some harmless log messages are suppressed on the backup SPMB. PR1369731

  • You might not be able to stop the ZTP bootstrap when a PTX10016 or PTX10008 router with more number of line cards is powered ON with the factory default configuration. PR1369959

  • When a Routing Engine reboots and comes up again, it sends gratuitous ARP packets to the internal interfaces in order to advertise its MAC address. These packets get into the UKERN running on the FPC, which drops these packets. The messages are displayed just before these packets are dropped. These errors are harmless and do not disrupt the working of any feature. PR1374372

  • When Jflow sampling is enabled and flows are sampled through aggregate bundles, the following harmless error logs are generated: [Tue Oct 30 18:17:40.648 LOG: Info] expr_get_local_pfe_child_ifl: cannot find child ifl of agg ifl 74 for this fpc [Tue Oct 30 18:17:40.648 LOG: Info] flowtb_get_cpu_header_fields: Failed to find local child ifl for 74 [Tue Oct 30 18:17:40.648 LOG: Info] fpc0 cannot find stream on [hostname] .PR1379227

  • If multiple LLDP sensors are exported together and part of their keys overlap, the data for these sensors might not get exported. PR1382691

  • On PTX Series routers or QFX10002, QFX10008, and QFX10016, an auto correctable non-fatal hardware error on the Provider Edge chip (which is ASIC on PTX1000, PTX10002, and QFX10002, the third-generation FPC on PTX3000 and PTX5000, and the line card on PTX10008, PTX10016, QFX10008, and QFX10016) is reported as 'FATAL' error, and therefore the relevant Packet Forwarding Engine (PFE) is disabled. The code changes have been made to change the error category from 'FATAL' to 'INFO' to avoid the Packet Forwarding Engine to be disabled unexpectedly. PR1408012

  • Deviation and augmentation updated for IS-IS telemetry. Updated in: Junos OS Releases 18.1, 18.2, 18.3, 18.4, 19.1, 19.2, and 19.3 branches. PR1408151

  • When a 100g QSFP is inserted into FPC on PTX, all the other interfaces on that FPC and the other FPCs might flap, since these interfaces are configured the smaller pdu-interval value of LFM. PR1408204

  • When forwarding chain is unilist_1->indirect-next-hop->unilist_2, any change in unilist_2 active member list is absorbed by indirect-next-hop in the chain and the change will not be back propagated to top-level unilist_1. If a link flap it will cause indirect-next-hop pointing to unilist_2 stuck with weight 65535 and further causing traffic blackholing. PR1409632

  • On PTX10002 devices, if the chassis-control process restarts, Express ASICs are not initialized, leading to packet drops on the output queue. PR1414434

  • While committing the configuration, the following error message is displayed: error: mustd trace init failed. PR1423229

  • On routers and switches with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote aggregated Ethernet member link changes the LACP state of the local member link to Detached state. The detached link is invalidated from the Packet Forwarding Engine's AE-Forwarding Table. If the device is rebooted with this state, all the member links are enabled in PFE AE-Forwarding Table irrespective of the LACP states, resulting in packet drop. PR1423707

  • PTX10000/LC1101: when an interface is configured with jumbo frames support (for example, MTU = 9216), the effective MTU size for locally sourced egress traffic is 24 bytes less than the expected value. This issue is confined to locally originated traffic only and does not affect transit traffic. PR1428094

  • Configuring IP Flow Information Export (IPFIX) on a device with LC1104 or LC1105 line cards might trigger major/Fatal ASIC errors, and the Packet Forwarding Engines might shut down. PR1429419

  • The timestamp reported for packet arrival in NetFlow records reports inaccurate time due to a synchronization issue with NTP. PR1431498

Infrastructure

  • A file system corruption might create a kernel core file. The Routing Engine reboots with the message; ffs_blkfree: freeing free block. PR1028972

  • Junos packages might be incorrectly registered as unsupported. PR1427344

Interfaces and Chassis

  • Upgrading Junos OS Release 14.2R5 and later maintenance releases and Junos OS Release 16.1 and later mainline releases with CFM configuration might cause the cfmd process to crash after upgrade. This is because of the old version of /var/db/cfm.db. PR1281073

MPLS

  • When the rpd daemon terminates, the process of signaling the deletion of all RSVP LSPs might take so long that a watchdog timer is triggered, resulting in the generation of an rpd core file. PR1257367

  • Due to an error with the optimization timer, a particular check fails when the exponential increase function is called. PR1416948

Platform and Infrastructure

  • Use groups re0/re1 to configure the Routing Engine-specific management interface. PR1375012

Routing Protocols

  • When the loopback interface is configured in a logical system and Routing Engine-based micro BFD is configured to use the loopback address as the source address, BFD packets are sent with the source address of the outgoing interface instead of the loopback address. Due to this issue, the micro BFD session might not come up. PR1370463

Resolved Issues

This section lists the issues fixed in the Junos OS main release and the maintenance releases.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 18.2R3

General Routing

  • The PTX5000 router experiences more than 50 percent multicast traffic packet drop. PR1339481

  • MPLS LSP statistics are not shown in the output of the show mpls lsp ingress statistics command. PR1344039

  • The traffic loss duration during FRR link-protection is between 25 ms and 150 ms. PR1355953

  • slu.l2_domain_lookup_failure traps might be observed when using sampling on FPC-P1/FPC-P2. PR1368381

  • Unexpected incrementing of counters on the interface. PR1370062

  • Power usage ST components in PTX5000 do not work as intended. PR1372369

  • Disable reporting of correctable single-bit error on Hybrid Memory Cube (HMC) and prevent major alarm. PR1384435

  • Packet drop might be seen in lower priority queues on PTX Series or QFX10000 Series platforms. PR1385454

  • lcmd core files are generated and FPC is restarted. PR1391443

  • Agentd sensor transmits multiple interface telemetry statistics per FPC slot. PR1392880

  • The show chassis fpc command on PTX Series and QFX10000 Series routers shows incorrect buffer memory utilization. PR1397612

  • CPU overuse might be observed on PTX/QFX10000 Series platform. PR1399369

  • The DHCPv6 relay-reply packet might be dropped by the DHCP relay. PR1399683

  • Only one Packet Forwarding Engine can be disabled on an FPC with multiple Packet Forwarding Engines in error/wedge condition. PR1400716

  • The TCP connection between ppmd and ppman might be dropped due to a kernel issue. PR1401507

  • The log message JAM HW data base open failed for ptx5kpic_3x400ge-cfp8 is generated during commit. PR1403071

  • Incorrect mem stat message is seen in FPC logs of PTX Type 1 FPC. PR1404088

  • PTX3000: FPCs are not able to come online more than 10 minutes after a reboot of the chassis. PR1404611

  • On PTX3000 and PTX5000, backup CB's chassis environment status keeps displaying after the backup CB is removed or power to PEM is lost. PR1405181

  • 100G SR4 Optics with part number 740-061405 should be displayed as "QSFP-100G-SR4-T2". PR1405399

  • No chassis alarm is raised on PTX1000 when PEM is removed or power lost to PEM. PR1405430

  • Layer 2 VPN might flap repeatedly after the link up between PE and CE devices. PR1407345

  • The port at FPC (for example, JNP10K-LC1101) might fail to come up. PR1409585

  • Hostname does not update at FPC shell after system configuration change on CLI. PR1412318

  • Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659

  • The L2circuit egress Provider Edge might drop the traffic in FAT+CW enabled L2circuit scenario when another FAT+CW enabled L2circuit PW flaps. PR1415614

  • Traffic loss might be seen for duration of hold-time down timer when flapping an interface with hold-time down timer configured. PR1418425

  • RX alarms are not set as according to the threshold value configured for the DCO Tunable Optics. PR1419204

  • Error messages might be seen on PTX10000/QFX10000 platforms during DFE tuning. PR1421075

  • Virtual Chassis might become unstable and FXPC might generate core files when there are a lot of configured filter entries. PR1422132

  • Packet Forwarding Engine wedge might be observed after performing the show forwarding-options load-balance command.PR1422464

  • 4x10G interfaces on PTX3000/PTX5000 FPC type 3 might not come up after frequently flapping for a large amount of time. PR1422535

  • Specific interface on P3-15-U-QSFP28 PIC card remains down until another interface comes up. PR1427733

Infrastructure

  • The request system recover oam-volume command might fail on PTX Series routers. PR1425003

Interfaces and Chassis

  • The syslog message /kernel: %KERN-3: pointchange for flag 04000000 not supported on IFD aex is seen upon LFM related configuration commit on aggregated Ethernet interfaces. PR1423586

  • Some ports on PTX Series routers might remain down after rebooting the FPC/device at remote side. PR1429315

MPLS

  • An RSVP-signaled LSP might stay in down state after a link in the path. flaps. PR1384929

  • The rpd might crash when an LDP route with indirect next-hop is deleted. PR1398876

  • A single-hop bypass LSP might not be used for traffic when both transit chaining mode and sensor-based-stats are used. PR1401152

  • LDP routes might flap if committing any configuration changes. PR11416032

  • Bypass dynamic rsvp lsp tears down too soon when being used for protecting ldp lsp with knob dynamic-rsvp-lsp. PR1425824

Platform and Infrastructure

  • Some files are missing during log archiving. PR1405903

Routing Protocols

  • RPD core files are generated on backup Routing Engine during neighborship flap when using authentication-key with size larger than 20 characters. PR1394082

  • Syslog message is seen whenever prefix-sid coincides with the node-sid. PR1403729

  • The rpd memory leak might be seen in IS-IS segment routing scenario. PR1404134

  • Dynamic routing protocol flapping with vmhost Routing Engine switchover is seen on new generation Routing Engine. PR1415077

VPNs

  • In a specific CE device environment in which asynchronous notification is used, after the link between the PE and CE devices goes up, the Layer 2 circuit flaps repeatedly. PR1282875

Resolved Issues: 18.2R2

General Routing

  • On a PTX1000, upgrade from Junos OS Release 16.1X65D45 to Junos OS Release 17.3-20170721 fails frequently with sampling enabled. PR1296533

  • Status LED on the chassis does not light up on QFX10002-60C. PR1332991

  • Tc_count counters for a filter with the scale-optimized statement enabled do not increment. PR1334580

  • Members of IPv4 unilist next hops might be stuck in "Replaced" state after interface flapping. PR1336201

  • On QFX10000 platforms, NETCONF SSH TCP port 830 traffic hitting host path/unclassified queue. PR1345744

  • FPC reboots a few minutes after the configuration is loaded. PR1346467

  • Packet might be dropped by RPF during Routing Engine switchovers. PR1354285

  • Unable to commit Junos OS configuration during the ZTP process, and the ZTP process stop completed. PR1358919

  • Multicast replication traffic might be lost on an aggregated Ethernet bundle interface after one member link goes down. PR1359974

  • The route might be stuck after BGP neighbor and route flapping. PR1362560

  • Traffic is still forwarded through the member link of an aggregated Ethernet bundle interface even with “Link-Layer-Down" flag set. PR1365263

  • PTX IPLC might not boot up with multiple J-UKERN crashes. PR1365791

  • The 'Normal discards' Packet Forwarding Engine statistics traffic counter might increase at a higher rate when Inline J-flow or S-Flow is enabled. PR1368208

  • JNP hardware running Junos for QFX software messages is continuously getting flooded with dcpfe_pd[4235]: et-0/1/5:2: Signal lost. Macsec rx 0. PR1368969

  • The commit or commit check operation might fail because of the error cannot have lsp-cleanup-timer without lsp-provisioning. PR1368992

  • Packets might be dropped after a filter is deleted from an interface. PR1372957

  • Inline BFD keep flapping when inline samping is configured. PR1376509

  • Traffic might be dropped on third-generation FPCs on PTX. PR1378392

  • Layer 3 VPN traffic might be dropped because one core-facing interface is down. PR1380783

  • BFD sessions bounced on FPCs that are not taken offline. PR1383703

  • CPSM daemon memory leak in VM host. PR1387903

  • Forwarding issue on mixed link-speed aggregated Ethernet interface after FPC reloads. PR1390417

Infrastructure

  • The FPC might go down on some VM-host-based PTX Series or QFX Series devices. PR1367477

Interfaces and Chassis

  • Major error PE Chip:pe0[0]: IPW: oversize_drop error seen on FPC. PR1375030

MPLS

  • LSP with auto-bandwidth enabled goes down during HMC error condition. PR1374102

Platform and Infrastructure

  • Junos OS: Next hop index allocation failed: private index space exhausted because of incoming ARP requests to the management interface (CVE-2018-0063). PR1360039

Routing Protocols

  • Rpd core files might be generated during telemetry streaming. PR1347431

Resolved Issues: 18.2R1

General Routing

  • Remove show chassis spmb command and response. PR1244059

  • For MTRE devices using telemetry, restart na-grpc-server and restart na-mqtt do not work. PR1284121

  • For BGP-LU multipath routes, if there is a forwarding-table export policy configured to reject such routes, then rpd might might crash during next-hop installation. PR1297044

  • Interfaces might go down when the Packet Forwarding Engine encounters TOE::FATAL ERROR. PR1300716

  • The FPC is being reported as down in chassisd logs related to streaming telemetry, eventhough the FPC is online. PR1300795

  • A third-generation FPC (FPC3-SFF-PTX) might not boot on a PTX3000 with the Control Board or Routing Engine. PR1303295

  • Internal latency is high during initial subscription of sensors. PR1303393

  • The mgd might process crash when the Ephemeral database is used. PR1305424

  • Packet Forwarding Engine error messages are flooding as expr_sensor_update_cntr_to_sid_tree after delete and rollback of protocols isis source-packet-routing node-segment. PR1309288

  • Need to suppress chassis alarm for switched off PEM. PR1311574

  • The SIB LED on the front panel display is green and remains steadily lit even before an SIB comes online. PR1311632

  • When the user changes the PIC or port speed, an alarm is raised and user intervention is required. PR1311875

  • Memory leak in the chassisd process occurs while streaming telemetry subscriptions are active. PR1315672

  • Packet Forwarding Engine packet drop is seen on the PTX5000 when there is a 100-ms RTT delay between the DUT and the collector. PR1316429

  • On the PTX10000, for 100G LR4 Optics with part number 740-061409, need to change show chassis hardware display to QSFP-100G-LR4-T2. PR1322082

  • The rpd might crash when an OpenConfig package is upgraded with JTI streaming data in the background. PR1322553

  • On PTX1000, MX204, MX10003, or QFX10002-60C, the local time on the FPC might be different from the local time on the Junos VM or VM host. PR1325048

  • The GRE traffic is not de-encapsulated by the firewall filter. PR1325104

  • Firewall filter is not supported on aggregated Ethernet. PR1325237

  • PTX Series MKA sessions are not coming up after changing CA parameters such as - transmit-interval, and key-server-priority. PR1325392

  • MPLS traceroute fails across PTX Series platform. PR1327609

  • Unsupported features need to be removed or disabled under CLI set vlans <vlan_name>. PR1328219

  • Unsupported options need to be disabled under CLI set interfaces <interface_name> unit 0 family ethernet-switching interface-mode trunk. PR1328507

  • Link instability occurs after link-down event on PTX Series device. PR1330708

  • Traffic stops flowing out of ae70 after some FPC restart iterations. PR1335118

  • PTX5000 FPC might reboot in certain rare scenarios when interface-specific policer is configured. PR1335161

  • Disabling a breakout 10G port on et-0/0/5 will unexpectedly disable another breakout 10G port on et-0/0/5. PR1337975

  • FPC/FPC2/FPC E on PTX Series device does not forward traffic. PR1339524

  • Link goes down on PTX3000/PTX5000 with FPC3 inserted after router reboot or link flap. PR1340612

  • On the PTX1008, the 30-Port Coherent Line Card (DWDM-lC) does not come up. PR1344732

  • No DHCP service or configuration is running after the system has cleared. PR1347730

  • Sensors are not getting cleared up after doing Routing Engine switchover. PR1347779

  • Threshold is not getting configured correctly in PTX Series device when threshold is configured using scope and category options. PR1350841

  • BFD sessions do not come up on PTX3000. PR1352112

  • Flabels might get exhausted after multiple Routing Engine switch-over. PR1354002

  • The interface of 15 100G ports PIC might delay 60 seconds to come up. PR1357410

Infrastructure

  • The ixlv interface statistics are not accounted for properly. PR1313364

Interfaces and Chassis

  • On the PTX3000, failed to check CFM neighbors wrt show oam ethernet connectivity-fault-management interfaces ae0.0 extensive. PR1335305

  • The transportd process might crash when an SNMP query is performed on jnxoptIfOChSinkCurrentExtTable with an unsupported interface index. PR1335438

MPLS

  • Traffic drop is seen during NSR switchover for RSVP P2MP provider tunnels used by MVPN. PR1293014

  • Traffic loss occurs for static LSP configured with the stitch command. PR1307938

  • The rpd might crash on the backup Routing Engine due to memory exhaustion. PR1328974

  • MPLS LSP statistics are not shown in cli command show mpls lsp ingress statistics. PR1344039

Platform and Infrastructure

  • DCD Microbfd seems to be failing in dcd_commit_check log file even when BFD is not configured. PR1300796

  • Traffic might be silently dropped and the following message might be seen: JPRDS_NH:jprds_nh_alloc(),651: JNH[0] failed to grab new region for NH messages. PR1357707

  • Unable to commit junos configuration during the ZTP process and ZTP process stop completed. PR1358919

Routing Protocols

  • The rpd might constantly consume high CPU resources in a BGP setup. PR1315066

  • The primary path of MPLS LSP might switch to another address. PR1316861

  • The rpd process might crash continuously on both Routing Engines when backup-spf-options remote-backup-calculation is configured in IS-IS protocol. PR1326899

  • Protocol churn will create rpd crash. PR1341466

Documentation Updates

There are no errata or changes in Junos OS Release 18.2R3 documentation for the PTX Series.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the PTX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Upgrading a Router with Redundant Routing Engines

If the router has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation as follows:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now acting as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Basic Procedure for Upgrading to Release 18.2

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

Back up the file system and the currently active Junos OS configuration before upgrading Junos OS. This allows you to recover to a known, stable environment if the upgrade is unsuccessful. Issue the following command:

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Junos OS Administration Library.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 18.2R3:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the release number (the number of the software version that you want to download) from the Release drop-down list to the right of the Download Software page.
  4. Select the Software tab.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the router.Note

    After you install a Junos OS Release 18.2R3 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release. Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes. Rebooting occurs only if the upgrade is successful.

    Customers in the United States and Canada, use the following command:

    user@host> request system software add validate reboot source/jinstall-18.2R3.SPIN-domestic-signed.tgz

    All other customers, use the following command:

    user@host> request system software add validate reboot source/jinstall-18.2R3.SPIN-export-signed.tgz

    Replace the source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname (available only for Canada and U.S. version)

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

You need to install the Junos OS software package and host software package on the routers with the RE-PTX-X8 Routing Engine. For upgrading the host OS on this router with VM Host support, use the junos-vmhost-install-x.tgz image and specify the name of the regular package in the request vmhost software add command. For more information, see the VM Host Installation topic in the Installation and Upgrade Guide.

Note

After you install a Junos OS Release 18.2 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Note

Most of the existing request system commands are not supported on routers with RE-PTX-X8 Routing Engines. See the VM Host Software Administrative Commands in the Installation and Upgrade Guide.

Installing the Software on PTX10002-60C Routers

This section explains how to upgrade the software, which includes both the host OS and the Junos OS. This upgrade requires that you use a VM host package—for example, a junos-vmhost-install-x.tgz .

During a software upgrade, the alternate partition of the SSD is upgraded, which will become primary partition after a reboot. If there is a boot failure on the primary SSD, the switch can boot using the snapshot available on the alternate SSD.

Note

The PTX10002-60C switch supports only the 64-bit version of Junos OS.

Note

If you have important files in directories other than /config and /var, copy the files to a secure location before upgrading. The files under /config and /var (except /var/etc) are preserved after the upgrade.

To upgrade the software, you can use the following methods:

If the installation package resides locally on the switch, execute the request vmhost software add <pathname><source> command.

For example:

user@switch> request vmhost software add /var/tmp/junos-vmhost-install-ptx-x86-64-18.2R3.9.tgz

If the installation package resides remotely from the switch, execute the request vmhost software add <pathname><source> command.

For example:

user@switch> request vmhost software add ftp://ftpserver/directory/junos-vmhost-install-ptx-x86-64-18.2R3.9.tgz

After the reboot has finished, verify that the new version of software has been properly installed by executing the show version command.

user@switch> show version

Product Compatibility

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.

To determine the features supported on PTX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://pathfinder.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.