Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for PTX Series Packet Transport Routers

 

These release notes accompany Junos OS Release 18.4R1 for the PTX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

This section describes the new features and enhancements to existing features in Junos OS Release 18.4R1 for the PTX Series.

Authentication, Authorization and Accounting (AAA) (RADIUS)

  • Support for password change policy enhancement (PTX Series)—Starting in Junos OS Release 18.4R1, the Junos OS password change policy for local user accounts is enhanced to comply with additional password policies. As part of the policy improvement, you can configure the following:

    • maximum-lifetime-value—The maximum duration of a password. The password expires after the maximum is reached.

    • minimum-lifetime-value—The minimum duration of a password. You cannot change the password until the minimum duration is reached.

    [See password.]

Class of Service (CoS)

  • Support for classifying Layer 2 frames based on Layer 3 information (PTX Series)—Starting in Junos OS Release 18.4R1, PTX Series devices support classifying Layer 2 frames based on Layer 3 fields. You can match on DSCP bits in IPv4 packets (classifier type dscp), TOS bits in IPv6 packets (classifier type dscp-ipv6), EXP bits in MPLS frames (classifier type exp), and PCP bits in IEEE 802.1 frames (classifier type ieee-802.1). To do this, define classifiers as normal at the [edit class-of-service classifiers classifier-type classifier-name] hierarchy level and then apply the classifiers to a Layer 2 (family ethernet-switching) interface at the [edit class-of-services interfaces interface-name unit 0] hierarchy level.

    [See classifiers (Definition).]

Forwarding and Sampling

  • Support for activating or deactivating static routes on the basis of RPM test results (PTX Series) —Starting in Junos OS 18.4R1, you can use RPM probes to detect link status, and change the preferred-route state on the basis of the probe results. Tracked routes can be IPv4 or IPv6, and support a single IPv4 or IPv6 next hop. For example, RPM probes can be sent to an IP address to determine if the link is up, and if so, take the action of installing a static route in the route table. RPM-tracked routes are installed with preference 1 and thus are preferred over any existing static routes for the same prefix.

    [See Configuring RPM Probes , rpm-tracking, and show route rpm-tracking.]

Interfaces and Chassis

  • LACP hold-up timer configuration support on LAG interfaces (PTX Series)—You can configure an LACP hold-up timer value for LAG interfaces to prevent excessive flapping of a child (member) link of a LAG interface due to transport layer issues.

    Because of transport layer issues, a link can be physically up and still cause LACP state-machine flapping. LACP state-machine flapping, which can adversely affect traffic on the LAG interface. With the hold-up timer configured, LACP monitors the PDUs received on the child link for the configured time value, but does not allow the member link to transition from the expired or default state to the current state. This configuration thus prevents excessive flapping of the member link.

    To configure the hold-up timer, use the hold-time up timer-value statement at the [edit interfaces ae aeX aggregated-ether-options lacp] hierarchy level.

    [See hold-time up and Configuring LACP Hold-UP Timer to Prevent Link Flapping on LAG Interfaces.]

Junos Telemetry Interface

  • Enhanced IS-IS sensor support for Junos Telemetry Interface (JTI) (MX960, MX2020, PTX5000, PTX1000, and PTX10000)—Starting with Junos OS Release 18.4R1, JTI supports OpenConfig Version v0.3.3 (from v0.2.1) for resource paths related to IS-IS Link State Database (LSDB) streaming. The difference between the two versions results in changes, additions, deletions, or nonsupport for leaf devices related to the following IS-IS Type Length Value (TLV) parameters and IS-IS areas:

    • TLV 135: extended-ipv4-reachability

    • TLV 236: ipv6-reachability

    • TLV 22: extended-is-reachability

    • TLV 242: router-capabilities

    • IS-IS Interface Attributes

    • IS-IS Adjacency Attributes

    To provision the sensor to export data through gRPC streaming, use the telemetry Subscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig and Network Agent packages, both of which are bundled into the Junos OS image in a default package named junos-openconfig.

    [See Configuring a Junos Telemetry Interface Sensor (CLI Procedure) and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • Support for NTF agent (MX240, MX480, MX960, MX2010, MX2020, vMX, PTX1000, PTX5000, and PTX10000)—Junos OS exposes telemetry data over gRPC and UDP as part of the Junos Telemetry Interface (JTI). One way to stream JTI data into your existing telemetry and analytics infrastructure requires managing an external entity to convert the data into a compatible format. Starting in Junos OS Release 18.4R1, the NTF agent feature provides an on-box solution that enables you to configure and customize to which endpoint (such as IPFIX and Kafka) the JTI data is delivered and in which format (such as AVRO, JSON, and MessagePack) the data is encoded.

    [See NTF Agent Overview.]

  • Expanded ON_CHANGE support for Junos Telemetry Interface (JTI) (MX960, MX2010, MX2020, PTX5000, PTX1000, and PTX10000)—Starting in Junos OS Release 18.4R1, OpenConfig support through gRPC and JTI is extended to support additional ON_CHANGE sensors.

    Periodical streaming of OpenConfig operational states and counters collects information at regular intervals. ON_CHANGE support streams operational states as events (only when there is a change), and is preferred over periodic streaming for time-sensitive missions.

    The following paths, previously supporting periodical streaming only, now also support ON_CHANGE streaming:

    • /components/component

    • /components/component/name/

    • /components/component/state/type

    • /components/component/state/id

    • /components/component/state/description

    • /components/component/state/serial-no

    • /components/component/state/part-no

    ON_CHANGE notification will be supported on all the hardware components displayed in the Junos OS CLI operational mode command show chassis hardware.

    To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. To enable ON_CHANGE support, configure the sample frequency in the subscription as zero.

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface) and show chassis hardware.]

Layer 2 Features

  • Support for Layer 2 and Layer 3 forwarding across VLANs (PTX1000, PTX10008, and PTX10016)—Starting in Junos OS 18.4R1, PTX Series devices support Layer 2 and Layer 3 forwarding across VLANs. Layer 3 forwarding across VLANs by using Integrated Routing and Bridging (IRB) interface. To provide Layer 3 forwarding across VLANs, you need to create layer 3 logical interface on IRB physical interface and associate it with the VLAN.

    These PTX routers supports IS-IS, OSPF, iBGP, and eBGP routing protocols on the IRB interface.

    [See Layer 2 Learning and Forwarding for VLANs Overview.]

Network Management and Monitoring

  • sFlow functionality introduced on PTX1000 and PTX10000—Starting in Junos OS Release 18.4R1, the PTX1000 and PTX10000 routers support sFlow, a network monitoring protocol for high-speed networks. With sFlow, you can continuously monitor tens of thousands of ports simultaneously. The mechanism used by sFlow is simple, not resource intensive, and accurate. An sFlow agent embedded in a network device samples packets and gathers interface statistics and sends the information to a monitoring station called a collector for analysis. An sFlow agent can be implemented in a distributed model. In such a case, each subagent has a separate subagent ID and is responsible for monitoring a set of network ports. The subagents share a common agent address.

    [See Configuring sFlow Technology for Network Monitoring (CLI Procedure) and sflow.]

Routing Policy and Firewall Filters

  • Support for next-filter as a firewall filter action (PTX Series)—Starting with Junos OS Release 18.4R1, firewall filters can be configured to execute a sequence of firewall filter actions. The new next-filter option enables you to deploy a filter list and run a series of filters, similar to what is already available with next-term actions, and provides filter scale optimization. Up to eight filters can be chained in this way. The feature is not supported on logical systems, or on loopback and pseudo-interfaces.

    You can use a filter list to implement a mix of multifield-classification and firewall filter rules. For example, the first filter in the list can be used to perform a generic filter classification, and the subsequent filters can then do the actual filtering.

    [See input-chain and output-chain.]

Routing Protocols

  • Support for 64 add-path BGP routes (PTX Series)—Starting in Junos OS Release 18.4R1, support is extended to 64 add-path BGP routes. Currently Junos OS supports six add-path routes and BGP can advertise upto 20 add-path routes through policy configuration. This feature allows BGP to advertise 64 add-path routes and a second best ECMP path as a backup in addition to the multiple ECMP paths.

    To advertise all add-paths up to 64 add-paths or only equal-cost paths, include the path-selection-mode statement at the [edit protocols bgp group group-name family name addpath send] hierarchy level. You cannot enable both multipath and path-selection-mode at the same time.

    To advertise a second best ECMP path as a backup path in addition to the multiple ECMP paths include the include-backup-path bacup_path_name statement at the [edit protocols bgp group group-name family name addpath send]] hierarchy level.

    [See add-path.]

    [See include-backup-path.]

  • Support for BGP flowspec redirect to IP (PTX Series)—Starting in Junos OS Release 18.4R1, BGP flow specification as described in BGP Flow-Spec Internet draft draft-ietf-idr-flowspec-redirect-ip-02.txt, Redirect to IP Action is supported. Redirect to IP action uses extended BGP community to provide traffic filtering options for DDoS mitigation in service provider networks. Legacy flow specification, as specified in the Internet draft draft-ietf-idr-flowspec-redirect-ip-00.txt, BGP Flow-Spec Extended Community for Traffic Redirect to IP Next Hop, redirect to IP uses the BGP nexthop attribute to support interoperability of devices. Junos OS advertises redirect to IP flow specification action using the extended community by default. Redirect to IP action allows you to divert matching flow specification traffic to a globally reachable address. This feature is required to support service chaining in virtual service control gateway (vSCG).

    To configure a static IPv4 flow specification route, include the redirect ipv4-address statement at the [edit routing-options flow route then] hierarchy level in the configuration.

    To configure a static IPv6 specification route, include the redirect ipv6-address statement at the [edit routing-options flow route then] hierarchy level in the configuration.

    To configure legacy flow specification include legacy-redirect-ip-action at the [edit group bgp-group neighbor bgp neighbor family inet flow] hierarchy level.

    To configure BGP to use VRF.inet.0 table to resolve VRF flow specification routes, include secondary-independent-resolution statement at the [edit protocols bgp neighbor family flow] hierarchy level.

    [See legacy-redirect-ip-action.]

    [See Configuring BGP Flow Specification Action Redirect to IP to Filter DDoS Traffic.]

Services Applications

  • Support for IPv4 and IPv6 inline active flow monitoring (PTX10002-60C router)—Starting in Junos OS Release 18.4R1 on PTX10002-60C routers, you can perform inline active flow monitoring for IPv4 and IPv6 traffic. Both IPFIX and version 9 templates are supported.

    [See Configuring Inline Active Flow Monitoring on PTX Series Routers.]

System Management

  • Copy files between the Junos VM and Linux host (PTX10008)—In Junos OS Release 18.4R1, two commands are introduced on the Enhanced Automation variant of Junos OS for PTX10008 routers: request vmhost copy jnode-to-vjunos and request vmhost copy vjunos-to-jnode. These commands enable you to copy files from the Linux host to the Junos VM and vice versa.

    [See request vmhost copy jnode-to-vjunos and request vmhost copy vjunos-to-jnode.]

VPN

  • Support to control traceroute over Layer 3 VPN (PTX Series)—Starting in Junos OS Release 18.4R1, in a Layer 3 VPN topology with vrf-table-label configured and multiple customer edge (CE) routers configured in the same VPN routing and forwarding (VRF) routing instance, when traceroute is performed to a remote provider edge (PE) router for a CE-facing network, the ICMP time exceeded packet determines the correct IP address as the source address.

    To control the traceroute over Layer 3 VPN topology with vrf-table-label configured and multiple CE routers configured in the same VRF, you can configure allow-l3vpn-traceroute-src-select at the[edit system] hierarchy level that determines the correct IP source address by reviewing the destination routing instance and destination IP address.

    [See allow-l3vpn-traceroute-src-select.]

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 18.4R1 for the PTX Series.

Interfaces and Chassis

  • New option to configure IP address to be used when the Routing Engine is the current master—Starting in Junos OS Release 18.4R1, a new option, master-only, is supported on routers with RE-MX-X6, RE-MX-X8, and RE-PTX-X8 Routing Engines at the following hierarchies:

    • [edit vmhost interfaces management-if interface (0|1) family inet address IPv4 address]

    • [edit vmhost interfaces management-if interface (0|1) family inet6 address IPv6 address]

    In routing platforms with dual Routing Engines and VM host support, the master-only option enables you to configure the IP address to be used for the VM host when the Routing Engine is the current master. The master Routing Engine and the backup Routing Engine can have independent host IP addresses configured. In releases before Junos OS Release 18.4R1, the same IP address is applied on the master and backup Routing Engines, resulting in configuration issues.

  • Support for creating layer 2 logical interface independently (PTX Series)—In Junos OS Releases 18.4R1, 18.4R2, and later, PTX Series routers support creating layer 2 logical interface independent of layer 2 routing instance type. That is, you can configure and commit the layer 2 logical interfaces separately and add the interface to bridge-domain or Ethernet VPN (EVPN) routing instance separately. Note that the layer 2 logical interfaces works fine only when the interface is added to bridge domain or EVPN routing instance.

    In the earlier Junos OS releases, when an layer 2 logical interface configuration (units with encapsulation vlan-bridge configuration) is used, then the logical interface must be added as part of a bridge-domain or EVPN routing instance for the commit to succeed.

Network Management and Monitoring

  • No chassis alarm when power consumption by an FPC exceeds 90% or 100% of the allocated power budget—Starting in Junos OS Release 18.4R1, the PTX5000 routers do not raise a chassis alarm in the following events:

    • Power consumption by an FPC exceeds 90% of the allocated power budget.

    • Power consumption by an FPC exceeds 100% of the allocated power budget (in this case, a system log is registered).

  • The NETCONF server omits warnings in RPC replies when the rfc-compliant statement is configured and the operation returns <ok/> (PTX Series)—Starting in Junos OS Release 18.4R1, when you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level to enforce certain behaviors by the NETCONF server, the server must not return an RPC reply that encloses both an <rpc-error> element and an <ok/> element. If the operation is successful, but the server reply encloses one or more <rpc-error> elements of severity warning in addition to the <ok/> element, then the warnings are omitted. In earlier releases, or when the rfc-compliant statement is not configured, the NETCONF server might issue an RPC reply that encloses both an <rpc-error> element of severity warning and an <ok/> element.

Known Behavior

This section contains the known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.4R1 for PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Platform and Infrastructure

  • When an FPC goes offline or restarts, FPC x sends traffic to FPC y. The following error messages are seen and a corresponding alarm is set on the destination FPC. Specific to PTX10000, the transient alarm gets set when this condition occurs. The alarm clears later because the source FPC goes offline. Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210613), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000010: Grant spray drop due to unspray-able condition error Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210614), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000008: Request spray drop due to unspray-able condition errorPR1268678

  • The statistics for the physical interface are not getting updated for mirrored ports. Recommendation: Either the ingress and mirror interfaces should have the same MTU size or the mirror interface should have a higher MTU size than the ingress interface. PR1372321

  • Currently PTX1000-M20C supports 128,000 transit LSPs; however, in a failover scenario, Argus can support a maximum of 192,000 LSPs, which means 64,000 backup LSPs are active. In failover scenario and MBB case, 256,000 LSPs are required, but the ASIC can handle maximum of 192,000 after optimization, so there is a limitation with backup LSPs. PR1375780

  • PTX1000 and MX Series sflow sampling output has different VLAN priority in extended switch data fields with the same dual-tag configuration when egress sampling is configured, this is dependent on the sequence in which sampling and mac-rewrite happens. In MX Series MAC rewrite occurs after sampling and in the case of PTX Series sampling happens after MAC rewrite. PR1387468

  • The set interfaces interface-name gigether-options fec fec74|fec91|none configuration is not supported on the Argus platform. PR1388140

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 18.4R1 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service (CoS)

  • PTX1000-M20C: Core files are generated when ports are channelized and de-channelized repeatedly, without delay. PR1370781

Interfaces and Chassis

  • Upgrading Junos OS Release 14.2R5 and later maintenance releases and Junos OS Release 16.1 and later mainline releases with CFM configuration might cause the cfmd process to crash after the upgrade. This is because of the old version of /var/db/cfm.db. PR1281073

Platform and Infrastructure

  • Control packets might get dropped when the Packet Forwarding Engine experinces heavy congestion. PR1163759

  • In a rare race condition, multiple interrupts are not handled properly on PTX platform with FPC3-PTX-U2/FPC3-PTX-U3, which could lead to a core file being generated. The condition is difficult to reproduce. As a workaround, the interrupt code is optimized to avoid the unnecessary call to prevent the issue. PR1208536

  • On a PTX Series PIC with the CFP2-DCO-T-WDM transceiver installed, after repeated configuration rollback, the link sometimes takes a long time to come up. PR1301462

  • On a PTX Series router with a third-generation FPC, an error message is displayed when the FPC goes online or offline. PR1322491

  • The output of the CLI command show class-of-service fabric statistics now includes traffic that was dropped because of internal errors in the drop counts. PR1338647

  • NETCONF SSH TCP port 830 traffic hitting host path or unclassified queue causes DDoS violations in the unclassified queue. The following log appears: DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception.PR1345744

  • PTX3000 reports CCL (Chip to Chip Link) CRC errors when FPC3-SFF-PTX-1X is taken offline through a CLI command by pressing the offline button. The syslog error is generated by an FPC just before it goes offline, so there is no detectable traffic loss. The messages are as follows: Apr 2 08:43:00 fpc4 CMSNGFM: cmsngfpc_fm_send_spry_ctrl_ack: ev_id:11 fm_st:ALL fm_type:FPC_OFF fm_op:DEL Apr 2 08:43:00 fpc2 CMSNGFM: cmsngfpc_platform_fm_periodic: PFE 0 detected link error for S00F0_0(11,0,11)->FPC02FE0(0,00) Apr 2 08:43:00 fpc2 CCL: Logging statistics for FPC02FE0(0,00) Apr 2 08:43:00 fpc2 CCL: SOT:0x0000037649c2c43e Apr 2 08:43:00 fpc2 CCL: FrameCnt:0x00000000000419dc Apr 2 08:43:00 fpc2 CCL: LastCRCErrCnt:0x00000003 Apr 2 08:43:00 fpc2 CCL: AggrCRCErrCnt:0x0000000000000003 Apr 2 08:43:00 fpc2 CCL: AggrBERCnt:0x0000000000000001 Apr 2 08:43:00 fpc2 CCL: pe0-Avg-28nm-link-10-18 CRC error history (last 5 polls): Apr 2 08:43:00 fpc2 CCL: 0x0 0x0 0x0 0x0 0x3 Apr 2 08:43:00 fpc2 CCL: FEC Uncorrectable FEC Correctable Apr 2 08:43:00 fpc2 CCL: 00000004, 00000000 Apr 2 08:43:00 fpc2 CCL: 00000000, 00000000 Apr 2 08:43:00 fpc2 BEGIN Rx serdes info for asic pe0-0 serdes 18 Apr 2 08:43:00 fpc2 Signal & port condition for serdes_num 18 Apr 2 08:43:00 fpc2 Rx Signal : Signal Not OK Apr 2 08:43:00 fpc2 Rx Electrical Idle : High Apr 2 08:43:00 fpc2 Rx Frequency Lock: Set Apr 2 08:43:00 fpc2 Rx Port : Ready Apr 2 08:43:00 fpc2 DFE TAPs : -- snip -- Apr 2 08:43:00 fpc2 CCL: FrameCnt:0x0000000000041a0d Apr 2 08:43:00 fpc2 CCL: LastCRCErrCnt:0x00000003 Apr 2 08:43:00 fpc2 CCL: AggrCRCErrCnt:0x0000000000000003 Apr 2 08:43:00 fpc2 CCL: AggrBERCnt:0x0000000000000001 Apr 2 08:43:00 fpc2 CCL: pe0-Avg-28nm-link-14-22 CRC error history (last 5 polls): Apr 2 08:43:00 fpc2 CCL: 0x0 0x0 0x0 0x0 0x3 Apr 2 08:43:00 fpc2 CCL: FEC Uncorrectable FEC Correctable Apr 2 08:43:00 fpc2 CCL: 00000004, 00000000 Apr 2 08:43:00 fpc2 CCL: 00000000, 00000000 Apr 2 08:43:00 fpc2 BEGIN Rx serdes info for asic pe0-0 serdes 22 Apr 2 08:43:00 fpc2 Signal & port condition for serdes_num 22 Apr 2 08:43:00 fpc2 Rx Signal : Signal Not OK Apr 2 08:43:00 fpc2 Rx Electrical Idle : High Apr 2 08:43:00 fpc2 Rx Frequency Lock: Set Apr 2 08:43:00 fpc2 Rx Port : Ready Apr 2 08:43:00 fpc2 DFE TAPs : -- snip -- Apr 2 08:43:00 fpc2 CCL: Logging errors for FPC02FE0(0,00) Apr 2 08:43:00 fpc2 CCL: BER Err Apr 2 08:43:00 fpc2 CCL: Frame Lock Loss Apr 2 08:43:00 fpc2 CCL: Align Loss Apr 2 08:43:00 fpc2 CCL: Header Comparison Error Apr 2 08:43:00 fpc2 CCL: Header Preamble Error Apr 2 08:43:00 fpc2 CMSNGFM: cmsngfpc_platform_fm_periodic: PFE 0 detected link error for S00F1_0(14,0,14)->FPC02FE0(1,00) Apr 2 08:43:00 fpc2 CMSNGFM: cmsngfpc_platform_fm_periodic: PFE 1 detected link error for S00F0_0(11,0,11)->FPC02FE1(0,00) Apr 2 08:43:00 fpc2 CMSNGFM: cmsngfpc_platform_fm_periodic: PFE 1 detected link error for S00F1_0(14,0,14)->FPC02FE1(1,00) User@PTX3000> show chassis hardware detail Hardware inventory: FPC 0 REV 43 750-057064 ACPV7514 FPC3-SFF-PTX-1XCPU BUILTIN BUILTIN SMPC PMB FPC 2 REV 40 750-057064 ACPJ9145 FPC3-SFF-PTX-1XCPU BUILTIN BUILTIN SMPC PMB FPC 4 REV 43 750-057064 ACPR8506 FPC3-SFF-PTX-1XCPU BUILTIN BUILTIN SMPC PMB SIB 0 REV 10 750-057067 ACPJ8829 SIB3-SFF-PTX SIB 1 REV 10 750-057067 ACPJ8683 SIB3-SFF-PTX SIB 2 REV 10 750-057067 ACPJ8843 SIB3-SFF-PTX SIB 3 REV 10 750-057067 ACPJ8920 SIB3-SFF-PTXPR1348733

  • On the PTX1000 router, platform, after rebooting the system by issuing the CLI command request vmhost reboot, the netproxy service might fail to start. PR1365664

  • When the TIC is taken offline and then brought online, MPLS bidirectional traffic flow might stop working. PR1367920

  • Log messages are displayed when there is a transceiver present on the WAN ports, but the cable is not connected. PR1368969

  • Power usage ST components in the PTX5000 does not work as intended. PR1372369

  • When a Routing Engine reboots and comes online, it sends gratuitous ARP packets to the internal interfaces in order to advertise its MAC address. These packets get into the UKERN running on the FPC, which drops these packets. The messages seen here are displayed just before the FPC drops the packets. These error messages are harmless and do not disrupt working of any feature. PR1374372

  • Use groups re0/re1 to configure the Routing Engine-specific management interface. PR1375012

  • In case multiple LLDP sensors are getting exported together and part of their keys are overlapped, data for these sensors can sometimes get skipped from being exported. PR1382691

Routing Protocols

  • In an LDP network with gradual deployment of segment routing (also known as the LDP mapping server feature), the rpd process might crash after you commit the configuration related to mapping-server-entry prefix-segments/prefix-segment-ranges with the maximum number of entries exceeded (16 for Junos OS Release 17.4 and 64 for Junos OS Release 17.4R2 onward). PR1379558

Resolved Issues

This section lists the issues fixed in the Junos OS Release 18.4R1 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Infrastructure

  • The FPC might go down on some VM-host-based PTX Series or QFX Series devices. PR1367477

Interfaces and Chassis

  • PE Chip:pe0[0]: IPW: oversize_drop error causes a major error on FPC. PR1375030

MPLS

  • In Junos OS Release 18.2X75, IPv6 routes are dead in mpls.0 table S=0 leads to traffic loss in v6-indirect next-hop stitching. PR1355878

  • LSP with auto-bandwidth enabled goes down as a result of an HMC error. PR1374102

  • Bypass LSP is taking the same SRLG colored path. PR1387497

Platform and Infrastructure

  • On a PTX1000, upgrade from Junos OS Release 16.1X65-D45 to Junos OS Release 17.3-20170721 fails frequently when sampling is enabled. PR1296533

  • Repeated log messages %PFE-3 fpcX expr_nh_index_tree_ifl_get and expr_nh_index_tree_ipaddr_get are observed when the sampling packet is discarded with the log (or syslog) statement configured under the firewall filter. PR1304022

  • The status LED on the chassis remains unlit on the QFX10002-60C. PR1332991

  • The traffic-class-count values in a filter configured with the scale-optimized statement, are not incrementing. PR1334580

  • Packet might be dropped by RPF during a Routing Engine switchover. PR1354285

  • The host interface might stop sending packets on a PTX Series router with FPC3 or PTX1000 when you use an outbound firewall filter with syslog option. PR1354580

  • PTX1000-M20C: FRR link-protection convergence time. PR1355953

  • Traffic is still forwarded through the member link of an aggregated Ethernet bundle interface even with Link-Layer-Down flag set. PR1365263

  • JSA10899 2018-10 Security Bulletin: Junos OS: Next-hop index allocation failed: private index space exhausted as a result of incoming ARP requests to the management interface (CVE-2018-0063). PR1360039

  • The 'Normal discards' Packet Forwarding Engine statistics traffic counter might increase at a higher rate when Inline-Jflow or sFlow is enabled. PR1368208

  • slu.l2_domain_lookup_failure traps might be observed when using sampling on FPC-P1/FPC-P2. PR1368381

  • The IPLC card might take a long time to come up. PR1368637

  • The 'commit or commit check operation' might fail because of the error cannot have lsp-cleanup-timer without lsp-provisioning.PR1368992

  • Packets might be dropped after a filter is deleted from an interface. PR1372957

  • Inline BFD keeps flapping when inline samping is configured. PR1376509

  • Traffic might be dropped on third-generation FPCs on PTX Series routers. PR1378392

  • Layer 3 VPN traffic might be dropped because one core-facing interface is down. PR1380783

  • BFD sessions bounced FPCs that have not been taken offline. PR1383703

  • Packet Forwarding Engine-based local repair does not happen for IP routes pointing to a unilist of composites with Indirect next hops. PR1383965

  • CPSM daemon memory leak is observed ion VM host. PR1387903

  • BFD flaps are seen on PTX or QFX10000 platforms with inline BFD. PR1389569

  • Forwarding issue on mixed link-speed aggregated Ethernet interface after FPC reloads. PR1390417

  • High jsd or na-grpcd CPU usage might be seen even when JET or JTI is not used. PR1398398

Documentation Updates

There are no errata or changes in Junos OS Release 18.4R1 documentation for PTX Series.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the PTX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading to Release 18.4

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

Back up the file system and the currently active Junos OS configuration before upgrading Junos OS. This allows you to recover to a known, stable environment if the upgrade is unsuccessful. Issue the following command:

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Junos OS Administration Library.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 18.4R1:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the release number (the number of the software version that you want to download) from the Release drop-down list to the right of the Download Software page.
  4. Select the Software tab.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the router.Note

    We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

    All customers except the customers in the Eurasian Customs Union (currently comprised of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package:

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-18.4R1.9.tgz

    Customers in the Eurasian Customs Union (currently comprised of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package (Limited encryption Junos OS package):

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-18.4R1.9-limited.tgz

    Replace the source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

You need to install the Junos OS software package and host software package on the routers with the RE-PTX-X8 Routing Engine. For upgrading the host OS on this router with VM Host support, use the junos-vmhost-install-x.tgz image and specify the name of the regular package in the request vmhost software add command. For more information, see the VM Host Installation topic in the Installation and Upgrade Guide.

Note

After you install a Junos OS Release 18.4 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Note

Most of the existing request system commands are not supported on routers with RE-PTX-X8 Routing Engines. See the VM Host Software Administrative Commands in the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.4, 18.1, and 18.2 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Upgrading a Router with Redundant Routing Engines

If the router has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation as follows:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Product Compatibility

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.

To determine the features supported on PTX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at: https://apps.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.