Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for PTX Series Packet Transport Routers

 

These release notes accompany Junos OS Release 18.4R3 for the PTX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

This section describes the new features and enhancements to existing features in the Junos OS main release and the maintenance releases for the PTX Series.

Release 18.4R3 New and Changed Features

There are no new features or enhancements to existing features for PTX Series in Junos  OS Release 18.4R3.

Release 18.4R2 New and Changed Features

There are no new features or enhancements to existing features for PTX Series in Junos  OS Release 18.4R2.

Release 18.4R1 New and Changed Features

Hardware

  • New fixed-configuration packet transport router (PTX Series)—Starting in Junos OS Release 18.2R1, the PTX10001-20C is a new fixed-configuration Macsec-enabled LSR core router. It features a compact, 1U form factor that is easy to deploy in space-constrained Internet exchange locations, remote central offices, and embedded peering points throughout the network. The PTX10001 has 20 QSFP28 ports, and you can add 16 more QSFP28 ports with the optional JNP10001-16C-PIC expansion module. The 36 QSFP28 ports can be configured as 10 Gbps, 40 Gbps, or 100 Gbps. The ports handle up to 3.6 Tbps of throughput and 2 Bpps of forwarding capacity.

    See PTX10001 Hardware Guide.

Authentication, Authorization and Accounting (AAA) (RADIUS)

  • Support for password change policy enhancement (PTX Series)—Starting in Junos OS Release 18.4R1, the Junos OS password change policy for local user accounts is enhanced to comply with additional password policies. As part of the policy improvement, you can configure the following:

    • maximum-lifetime-value—The maximum duration of a password. The password expires after the maximum is reached.

    • minimum-lifetime-value—The minimum duration of a password. You cannot change the password until the minimum duration is reached.

    [See password.]

Class of Service (CoS)

  • Support for classifying Layer 2 frames based on Layer 3 information (PTX Series)—Starting in Junos OS Release 18.4R1, PTX Series devices support classifying Layer 2 frames based on Layer 3 fields. You can match on DSCP bits in IPv4 packets (classifier type dscp), TOS bits in IPv6 packets (classifier type dscp-ipv6), EXP bits in MPLS frames (classifier type exp), and PCP bits in IEEE 802.1 frames (classifier type ieee-802.1). To do this, define classifiers as normal at the [edit class-of-service classifiers classifier-type classifier-name] hierarchy level and then apply the classifiers to a Layer 2 (family ethernet-switching) interface at the [edit class-of-services interfaces interface-name unit 0] hierarchy level.

    [See classifiers (Definition).]

  • Support for class of service (CoS) on PTX10001-20C routers—Starting in Junos OS Release 18.4R1, PTX10001-20C routers support class-of-service (CoS) functionality.

    CoS is the assignment of traffic flows to different service levels. Service providers can use router-based CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss characteristics to particular applications served by specific traffic flows.

    [See CoS Features and Limitations on PTX Series Routers.]

Forwarding and Sampling

  • Support for activating or deactivating static routes on the basis of RPM test results (PTX Series) —Starting in Junos OS 18.4R1, you can use RPM probes to detect link status, and change the preferred-route state on the basis of the probe results. Tracked routes can be IPv4 or IPv6, and support a single IPv4 or IPv6 next hop. For example, RPM probes can be sent to an IP address to determine if the link is up, and if so, take the action of installing a static route in the route table. RPM-tracked routes are installed with preference 1 and thus are preferred over any existing static routes for the same prefix.

    [See Configuring RPM Probes , rpm-tracking, and show route rpm-tracking.]

Interfaces and Chassis

  • LACP hold-up timer configuration support on LAG interfaces (PTX Series)—You can configure an LACP hold-up timer value for LAG interfaces to prevent excessive flapping of a child (member) link of a LAG interface due to transport layer issues.

    Because of transport layer issues, a link can be physically up and still cause LACP state-machine flapping. LACP state-machine flapping, which can adversely affect traffic on the LAG interface. With the hold-up timer configured, LACP monitors the PDUs received on the child link for the configured time value, but does not allow the member link to transition from the expired or default state to the current state. This configuration thus prevents excessive flapping of the member link.

    To configure the hold-up timer, use the hold-time up timer-value statement at the [edit interfaces ae aeX aggregated-ether-options lacp] hierarchy level.

    [See hold-time up and Configuring LACP Hold-UP Timer to Prevent Link Flapping on LAG Interfaces.]

Junos Telemetry Interface

  • Enhanced IS-IS sensor support for Junos Telemetry Interface (JTI) (MX960, MX2020, PTX5000, PTX1000, and PTX10000)—Starting with Junos OS Release 18.4R1, JTI supports OpenConfig Version v0.3.3 (from v0.2.1) for resource paths related to IS-IS Link State Database (LSDB) streaming. The difference between the two versions results in changes, additions, deletions, or nonsupport for leaf devices related to the following IS-IS Type Length Value (TLV) parameters and IS-IS areas:

    • TLV 135: extended-ipv4-reachability

    • TLV 236: ipv6-reachability

    • TLV 22: extended-is-reachability

    • TLV 242: router-capabilities

    • IS-IS Interface Attributes

    • IS-IS Adjacency Attributes

    To provision the sensor to export data through gRPC streaming, use the telemetry Subscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig and Network Agent packages, both of which are bundled into the Junos OS image in a default package named junos-openconfig.

    [See Configuring a Junos Telemetry Interface Sensor (CLI Procedure) and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • Support for NTF agent (MX240, MX480, MX960, MX2010, MX2020, vMX, PTX1000, PTX5000, and PTX10000)—Junos OS exposes telemetry data over gRPC and UDP as part of the Junos Telemetry Interface (JTI). One way to stream JTI data into your existing telemetry and analytics infrastructure requires managing an external entity to convert the data into a compatible format. Starting in Junos OS Release 18.4R1, the NTF agent feature provides an on-box solution that enables you to configure and customize to which endpoint (such as IPFIX and Kafka) the JTI data is delivered and in which format (such as AVRO, JSON, and MessagePack) the data is encoded.

    [See NTF Agent Overview.]

  • Expanded ON_CHANGE support for Junos Telemetry Interface (JTI) (MX960, MX2010, MX2020, PTX5000, PTX1000, and PTX10000)—Starting in Junos OS Release 18.4R1, OpenConfig support through gRPC and JTI is extended to support additional ON_CHANGE sensors.

    Periodical streaming of OpenConfig operational states and counters collects information at regular intervals. ON_CHANGE support streams operational states as events (only when there is a change), and is preferred over periodic streaming for time-sensitive missions.

    The following paths, previously supporting periodical streaming only, now also support ON_CHANGE streaming:

    • /components/component

    • /components/component/name/

    • /components/component/state/type

    • /components/component/state/id

    • /components/component/state/description

    • /components/component/state/serial-no

    • /components/component/state/part-no

    ON_CHANGE notification will be supported on all the hardware components displayed in the Junos OS CLI operational mode command show chassis hardware.

    To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. To enable ON_CHANGE support, configure the sample frequency in the subscription as zero.

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface) and show chassis hardware.]

Layer 2 Features

  • Support for Layer 2 and Layer 3 forwarding across VLANs (PTX1000, PTX10008, and PTX10016)—Starting in Junos OS 18.4R1, PTX Series devices support Layer 2 and Layer 3 forwarding across VLANs. Layer 3 forwarding across VLANs by using Integrated Routing and Bridging (IRB) interface. To provide Layer 3 forwarding across VLANs, you need to create layer 3 logical interface on IRB physical interface and associate it with the VLAN.

    PTX Series routers support enabling IS-IS and OSPF protocols at the IRB level and also support iBGP and eBGP on the IRB interface. You can apply firewall filter and policer on the IRB interface.

    [See Layer 2 Learning and Forwarding for VLANs Overview.]

  • Support for port mirroring (PTX10001)—Starting in Junos OS Release 18.4R1, the PTX10001 supports firewall filter-based port mirroring for the IPv4 address family on the ingress interface.

    [ See Configuring Port Mirroring on M, T MX, and PTX Series Routers.]

Layer 3 Features

  • Support for BFD on PTX10001-20C Packet Transport Router—Starting in Junos OS Release 18.4R1, PTX10001-20C routers support Bidirectional Forwarding Detection (BFD) in centralized mode for clients operating under Layer 3 protocols such as OSPF, IS-IS, and BGP. BFD support is not extended to micro-BFD, IPv6, PIM, tunnel interfaces, or MPLS. [See bfd command.]

  • Support for ECMP on Layer 3 and MPLS routes on PTX10001-20C Packet Transport Router—Starting in Junos OS Release 18.4R1, PTX10001-20C routers support equal-cost multipath (ECMP) load balancing for IPv4 and MPLS routes.

  • Support for Layer 3 unicast features on PTX10001-20C Packet Transport Router —Starting in Junos OS Release 18.4R1, PTX10001-20C routers support the following Layer 3 forwarding features for unicast IPv4 traffic:

    • ICMPv4 messages (MTU exceeded, TTL expiry, host unreachable, IP redirect)

    • ICMPv4 host and longest prefix match (LPM) routing

    • IP packet exceptions (TTL error and IP-option)

    • IPv4 fragmentation

    • IPv4 ping and traceroute

    • Layer 3 protocols, such as:

      • OSPF

      • IS-IS with Bidirectional Forwarding Detection (BFD)

      • BGP

    • MTU check per port

    • Virtual router (VRF-lite)

MPLS

  • MPLS support (PTX10001-20C)—Starting with Junos OS Release 18.4R1, MPLS is supported on the PTX10001-20C router. The following features are supported:

    • Label Switching Routers (LSRs)

    • LDP and RSVP MPLS routing protocols

    • IS-IS interior gateway protocol (IGP) traffic engineering

    • Object access method, including ping and Bidirectional Forwarding Detection (BFD)

    • Fast reroute (FRR) MPLS local protection. Both one-to-one local protection and many-to-one local protection are supported.

    This feature was previously supported in an "X" release of Junos OS. [See MPLS Overview.]

  • MPLS-TE Fast Reroute Link Protection (PTX10001-20C)— Starting with Junos OS Release 18.4R1, you can enable fast reroute (FRR) to automatically reroute traffic on MPLS traffic engineering (TE) LSPs if a node or link in an LSP fails, thus reducing the loss of packets traveling over the LSP. When you enable fast reroute, detours are precomputed and pre-established along the LSP. In case of a network failure on the current LSP path, traffic is quickly routed to one of the detours. Fast reroute protects traffic against any single point of failure between the ingress and egress routers.

    This feature was previously supported in an "X" release of Junos OS. [See Fast Reroute Overview.]

Network Management and Monitoring

  • sFlow functionality introduced on PTX1000 and PTX10000—Starting in Junos OS Release 18.4R1, the PTX1000 and PTX10000 routers support sFlow, a network monitoring protocol for high-speed networks. With sFlow, you can continuously monitor tens of thousands of ports simultaneously. The mechanism used by sFlow is simple, not resource intensive, and accurate. An sFlow agent embedded in a network device samples packets and gathers interface statistics and sends the information to a monitoring station called a collector for analysis. An sFlow agent can be implemented in a distributed model. In such a case, each subagent has a separate subagent ID and is responsible for monitoring a set of network ports. The subagents share a common agent address.

    [See Configuring sFlow Technology for Network Monitoring (CLI Procedure) and sflow.]

Port Security

  • Media Access Control Security (MACsec) support (PTX10001-20C routers)—Starting in Junos OS Release 18.4R1, MACsec is supported on all twenty interfaces on the PTX10001-20C router and all sixteen interfaces on the TIC1 module. MACsec is an 802.1AE IEEE industry-standard security technology that provides secure communication for all traffic on point-to-point Ethernet links.

    [See Understanding Media Access Control Security (MACsec).]

  • Dynamic Host Configuration Protocol (DHCP) relay (PTX10001-20C routers)—Starting in Junos OS Release 18.4R1, DHCP relay is supported on PTX10001-20C routers.

    [See Extended DHCP Relay Agent.]

Routing Protocols

  • Support for 64 add-path BGP routes (PTX Series)—Starting in Junos OS Release 18.4R1, support is extended to 64 add-path BGP routes. Currently Junos OS supports six add-path routes and BGP can advertise upto 20 add-path routes through policy configuration. This feature allows BGP to advertise 64 add-path routes and a second best ECMP path as a backup in addition to the multiple ECMP paths.

    To advertise all add-paths up to 64 add-paths or only equal-cost paths, include the path-selection-mode statement at the [edit protocols bgp group group-name family name addpath send] hierarchy level. You cannot enable both multipath and path-selection-mode at the same time.

    To advertise a second best ECMP path as a backup path in addition to the multiple ECMP paths include the include-backup-path bacup_path_name statement at the [edit protocols bgp group group-name family name addpath send]] hierarchy level.

    [See add-path.]

    [See include-backup-path.]

  • Support for BGP flowspec redirect to IP (PTX Series)—Starting in Junos OS Release 18.4R1, BGP flow specification as described in BGP Flow-Spec Internet draft draft-ietf-idr-flowspec-redirect-ip-02.txt, Redirect to IP Action is supported. Redirect to IP action uses extended BGP community to provide traffic filtering options for DDoS mitigation in service provider networks. Legacy flow specification, as specified in the Internet draft draft-ietf-idr-flowspec-redirect-ip-00.txt, BGP Flow-Spec Extended Community for Traffic Redirect to IP Next Hop, redirect to IP uses the BGP nexthop attribute to support interoperability of devices. Junos OS advertises redirect to IP flow specification action using the extended community by default. Redirect to IP action allows you to divert matching flow specification traffic to a globally reachable address. This feature is required to support service chaining in virtual service control gateway (vSCG).

    To configure a static IPv4 flow specification route, include the redirect ipv4-address statement at the [edit routing-options flow route then] hierarchy level in the configuration.

    To configure a static IPv6 specification route, include the redirect ipv6-address statement at the [edit routing-options flow route then] hierarchy level in the configuration.

    To configure legacy flow specification include legacy-redirect-ip-action at the [edit group bgp-group neighbor bgp neighbor family inet flow] hierarchy level.

    To configure BGP to use VRF.inet.0 table to resolve VRF flow specification routes, include secondary-independent-resolution statement at the [edit protocols bgp neighbor family flow] hierarchy level.

    [See legacy-redirect-ip-action.]

    [See Configuring BGP Flow Specification Action Redirect to IP to Filter DDoS Traffic.]

Security

  • Support for Ingress Firewall Filters (PTX10001-20C)—Starting with Junos OS Release 18.4R1, you can configure firewall rules to filter incoming network traffic based on a series of user-defined rules. You can specify whether to accept, permit, deny, or forward packets before it enters an interface. If a packet is accepted, you can also configure additional actions to perform on the packet, such as class-of-service (CoS) marking (grouping similar types of traffic together and treating each type of traffic as a class with its own level of service priority) and traffic policing (controlling the maximum rate of traffic sent or received). Only ingress firewall filters are supported. You configure firewall filters under the [edit firewall] hierarchy level. This feature was previously supported in an "X" release of Junos OS.

    [See Firewall Filters Overview.]

Services Applications

  • Support for IPv4 and IPv6 inline active flow monitoring (PTX10002-60C router)—Starting in Junos OS Release 18.4R1 on PTX10002-60C routers, you can perform inline active flow monitoring for IPv4 and IPv6 traffic. Both IPFIX and version 9 templates are supported.

    [See Configuring Inline Active Flow Monitoring on PTX Series Routers.]

System Management

  • Copy files between the Junos VM and Linux host (PTX10008)—In Junos OS Release 18.4R1, two commands are introduced on the Enhanced Automation variant of Junos OS for PTX10008 routers: request vmhost copy jnode-to-vjunos and request vmhost copy vjunos-to-jnode. These commands enable you to copy files from the Linux host to the Junos VM and vice versa.

    [See request vmhost copy jnode-to-vjunos and request vmhost copy vjunos-to-jnode.]

VPN

  • Support to control traceroute over Layer 3 VPN (PTX Series)—Starting in Junos OS Release 18.4R1, in a Layer 3 VPN topology with vrf-table-label configured and multiple customer edge (CE) routers configured in the same VPN routing and forwarding (VRF) routing instance, when traceroute is performed to a remote provider edge (PE) router for a CE-facing network, the ICMP time exceeded packet determines the correct IP address as the source address.

    To control the traceroute over Layer 3 VPN topology with vrf-table-label configured and multiple CE routers configured in the same VRF, you can configure allow-l3vpn-traceroute-src-select at the[edit system] hierarchy level that determines the correct IP source address by reviewing the destination routing instance and destination IP address.

    [See allow-l3vpn-traceroute-src-select.]

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS main release and the maintenance releases for the PTX Series.

Release 18.4R3 Changes in Behavior and Syntax

Network Management and Monitoring

  • SNMP customization configuration introduced (PTX Series)—As of Junos OS Release 18.4R1, the CLI configuration command set snmp customization ether-stats-ifd-only is introduced. When ether-stats-ifd-only is configured, the show snmp mib walk etherstatsTable command displays data only for physical interfaces (IFDs).

    [See customization (SNMP).]

Release 18.4R2-S1 Changes in Behavior and Syntax

Software Defined Networking

  • Increase in the maximum value of delegation-cleanup-timeout (PTX Series)—You can now configure a maximum of 2147483647 seconds as the delegation cleanup time for a Path Computation Client (PCC). This extends the time taken by the PCC to retain the last provided path over a PCEP session from the last session down time.

    With the increase in maximum value of delegation-cleanup-timeout from 600 to 2147483647 seconds, you can benefit during a Path Computation Element (PCE) failover, or other network issues that may disrupt the PCEP session with the main active stateful PCE.

    [See delegation-cleanup-timeout.]

Release 18.4R2 Changes in Behavior and Syntax

General Routing

  • User confirmation prompt for configuring the sub-options of request vmhost commands (MX Series and PTX series)—While configuring the following request vmhost commands, the CLI now prompts you to confirm a [yes,no] for the sub-options also.

    • request vmhost reboot

    • request vmhost poweroff

    • request vmhost halt

    In previous releases, the confirmation prompt was available for only the main options.

Interfaces and Chassis

  • New XML tag element <lacp-hold-up-state> added in show lacp interfaces XML display (PTX Series)—In Junos OS Release 18.4R2, the show lacp interfaces | display xml command displays a new XML tag element <lacp-hold-up-state>. The <lacp-hold-up-state> displays the time interval before an interface changes state from down to up. In earlier Junos OS releases, the LACP hold-up the information for all interfaces was in a single <lacp-hold-up-information> XML tag. Now, the hold-up information for each interface is displayed in a separate <lacp-hold-up-information> XML tag.

MPLS

  • New debug statistics counter (PTX Series)—The show system statistics mpls command has a new output field, called Packets dropped, over p2mp composite nexthop, to record the packet drops over composite point-to-multipoint next hops.

Network Management and Monitoring

  • Change in error severity (PTX10016)—Starting in Junos OS Release 18.4R2, on PTX10016 routers, the severity of the FPC error, shown in the syslog as PE Chip::FATAL ERROR!! from PE2[2]: RT: Clear Fatal if it is detected LLMEM Error MEM:llmem, MEMTYPE: 1, is changed from fatal to non-fatal (or minor). In case of this error, only a message is displayed for information purpose. To view the error details, you can use the show commands show chassis fpc errors and show chassis errors active.

    [See show chassis fpc errors.]

Routing Policy and Firewall Filters

  • Error caused by firewall filters with syslog and accept action (PTX1000 or PTX Series routers with type 3 FPCs)—In Junos OS Release 18.4R2, under rare circumstances, the host interface may stop sending packets and the connections to and from the peer might fail if an outbound firewall filter is configured with the syslog and accept actions. This condition applies to IPv4 and IPv6 traffic families. We recommends that you do not use the syslog and accept actions in the output filter for these systems.

    Here’s a sample configuration (shows IPv4):

    [See PR 1354580.]

Release 18.4R1 Changes in Behavior and Syntax

Interfaces and Chassis

  • New option to configure IP address to be used when the Routing Engine is the current master—Starting in Junos OS Release 18.4R1, a new option, master-only, is supported on routers with RE-MX-X6, RE-MX-X8, and RE-PTX-X8 Routing Engines at the following hierarchies:

    • [edit vmhost interfaces management-if interface (0|1) family inet address IPv4 address]

    • [edit vmhost interfaces management-if interface (0|1) family inet6 address IPv6 address]

    In routing platforms with dual Routing Engines and VM host support, the master-only option enables you to configure the IP address to be used for the VM host when the Routing Engine is the current master. The master Routing Engine and the backup Routing Engine can have independent host IP addresses configured. In releases before Junos OS Release 18.4R1, the same IP address is applied on the master and backup Routing Engines, resulting in configuration issues.

  • Support for creating Layer 2 logical interface independently (PTX Series)—In Junos OS Releases 18.4R1, 18.4R2, and later, PTX Series routers support creating layer 2 logical interface independent of layer 2 routing instance type. That is, you can configure and commit the layer 2 logical interfaces separately and add the interface to bridge-domain or Ethernet VPN (EVPN) routing instance separately. Note that the layer 2 logical interfaces works fine only when the interface is added to bridge domain or EVPN routing instance.

    In the earlier Junos OS releases, when an layer 2 logical interface configuration (units with encapsulation vlan-bridge configuration) is used, then the logical interface must be added as part of a bridge-domain or EVPN routing instance for the commit to succeed.

Network Management and Monitoring

  • No chassis alarm when power consumption by an FPC exceeds 90% or 100% of the allocated power budget—Starting in Junos OS Release 18.4R1, the PTX5000 routers do not raise a chassis alarm in the following events:

    • Power consumption by an FPC exceeds 90% of the allocated power budget.

    • Power consumption by an FPC exceeds 100% of the allocated power budget (in this case, a system log is registered).

  • The NETCONF server omits warnings in RPC replies when the rfc-compliant statement is configured and the operation returns <ok/> (PTX Series)—Starting in Junos OS Release 18.4R1, when you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level to enforce certain behaviors by the NETCONF server, the server must not return an RPC reply that encloses both an <rpc-error> element and an <ok/> element. If the operation is successful, but the server reply encloses one or more <rpc-error> elements of severity warning in addition to the <ok/> element, then the warnings are omitted. In earlier releases, or when the rfc-compliant statement is not configured, the NETCONF server might issue an RPC reply that encloses both an <rpc-error> element of severity warning and an <ok/> element.

  • Deque Dry Interrupt error severity changed to fatal—Starting in Junos OS Release 18.4R1, on PTX5000 routers, we have changed the severity of the error Deque Dry Interrupt (error code: 0x2100dd) from major to fatal. By default, this error disables the Packet Forwarding Engine on the FPC. You can use the show chassis fpc errors command to view the default or user-configured action that resulted from the error.

    To resolve the error, restart the line card. If the error is still not resolved, open a support case using the Case Manager link at https://www.juniper .net/support/ or call 1-888-31 4-JTAC (within the United States) or 1-408-7 45-9500 (from outside the United States).

Known Behavior

This section contains the known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.4R3 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Interfaces and Chassis

  • On PTX10001-20C routers, the show interfaces command might display different values for the input and output packets per second (pps) for host-bound packets.

General Routing

  • When an FPC goes offline or restarts, a source FPC sends traffic to a destination FPC. The following error messages are seen and a corresponding alarm is set on the destination FPC. Specific to PTX10000, the transient alarm gets set when this condition occurs. The alarm clears later because the source FPC goes offline. Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210613), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000010: Grant spray drop due to unspray-able condition error Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Error (0x210614), module: PE Chip, type: Apr 09 10:31:24 [TRACE] [asta] Apr 9 10:19:59 asta fpc4 Cmerror Op Set: PE Chip: PE1[1]: FO:core intr: 0x00000008: Request spray drop due to unspray-able condition error PR1268678

  • PTX1000-M20C - DHCP binding issue with DHCP relay configuration might be seen. PR1442494

  • The Routing Engine boots from the secondary disk when you:

    Press the reset button, on the RCB front panel, while Routing Engine is booting up but before Junos is up.

    • Upgrade software, by booting from the network using the request vmhost reboot network command, and the system fails to boot from the network.

    • Upgrade BIOS and the upgrade fails.

    • Reboot and the system hangs before Junos is up PR1344342

  • The ingress interface and the mirror interface should have the same MTU or you must set a higher MTU on the mirror interface than on the ingress interface. PR1372321

  • Currently, PTX1000-M20C supports 128,000 transit LSPs; however, in a failover scenario, Argus can support a maximum of 192,000 LSPs, which means 64,000 backup LSPs are active. In a failover scenario and MBB case, 256,000 LSPs are required, but the ASIC can handle a maximum of 192,000 after optimization, so there is a limitation with backup LSPs. PR1375780

  • PTX1000 and MX Series sFlow sampling output has different VLAN priority in extended switch data fields with the same dual-tag configuration when egress sampling is configured, the difference is due to the sequence in which sampling and mac-rewrite happens. In MX Series, MAC rewrite occurs after sampling, and in the case of PTX Series sampling, happens after MAC rewrite. PR1387468

  • set interfaces interface-name gigether-options fec <fec74/fec91/none> configuration is not supported on Argus platform. PR1388140

  • 100 percent traffic loss is seen on all streams from PTX10001 to MX240 Series of devices. PR1435069

  • PTX10000 devices will learn source MAC information even when the traffic is explicitly dropped through the Ethernet switching filter. This is because learning event is triggered in source lookup block of the ASIC that is, before the filter rule is executed. Therefore, the learning event cannot be avoided. Learning event generated in PTX Series routers is not dependent on forwarding decisions taken in subsequent stages of ASIC pipeline. PR1436377

User Interface and Configuration

  • Auto-complete caution for QFX10002-60c and PTX10002-60c personalities—Starting in Junos OS Release 18.4R1, for QFX10002-60c and PTX10002-60c personalities, do not use auto-complete to display the list of arguments for the request system software delete command. You must look for the package name using the show system software command and then explicitly type the software package name in the request system software delete command.

    [See request system software delete].

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 18.4R3 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service (CoS)

  • Core files are generated when ports are channelized and dechannelized repeatedly, without delay. PR1370781

General Routing

  • Control packets might get dropped when the Packet Forwarding Engine experiences a heavy congestion. PR1163759

  • On a PTX Series PIC with the CFP2-DCO-T-WDM transceiver installed, after repeated configuration rollback, the link sometimes takes a long time to come up. PR1301462

  • When CFP2-DCO-T-WDM-1 plugged in PTX PIC, after FPC restart sometimes carrier frequency offset tca is raised even when tca is not enabled. PR1301471

  • In specific case of semigraceful RCB reboot initiated by the internal shell command vhclient init 0, GRES takes longer to complete, that is, 3 minutes as opposed to 21 seconds. The regular CLI command request vmhost reboot (graceful) and a jack-out-jack-in of the Routing Engine (ungraceful) do not exhibit this delay. PR1312065

  • On a PTX Series router with a third-generation FPC, the error message is displayed when the FPC goes online or offline. PR1322491

  • On PTX Series platform, whenever FPC reboots, the following error message will be seen in the Packet Forwarding Engine syslog: SCHED: Thread 57 (CMSNGFPC) ran for 2002 ms without yielding or [...LOG: Emergency] SCHED: Thread 50 (CMSNGFPC) aborted, hogged 8899 ms. There is no functional impact so can be ignored. PR1343256

  • On PTX Series platforms, NETCONF over SSH traffic through TCP port 830 might hit the host path queue that is unclassified. This can result in DDoS violations in the unclassified queue. PR1345744

  • PTX3000 reports Chip to Chip Link (CCL) CRC errors while FPC3-SFF-PTX-1X goes offline using the CLI command or pressing an offline button. The syslog error is generated by an FPC just before it goes offline. It is observed that there is no detectable traffic loss.PR1348733

  • When an aggregated Ethernet configuration is committed, then there will be errors seen which are harmless. PR1365355

  • When TIC goes offline and comes back online, the MPLS bidirectional traffic flow might stop working. PR1367920

  • User might not be able to stop the ZTP bootstrap, when a PTX10016 and PTX10008 router with more number of line cards is powered on with factory default configuration. PR1369959

  • The DHCP relay functionality does not work on PTX10001-20C devices. The DHCP requests and the DHCP offers are snooped by the box, the snooping occurs through a firewall. The firewall snoops all the DHCP packets ingressing the default route table and all the offers and requests are punted unto the host/control-plane. When a DHCP client sends the DHCP request, it gets intercepted by the filter block and punted up to the control plane. Upon receiving this packet, control-plane unicast (relay) this packet to DHCP server. DHCP server responds back with a DHCP offer, which again gets intercepted by the firewall block and punted up. Upon receiving the DHCP offer, control plane broadcast this DHCP offer to the clients VLAN and eventually client receives the DHCP offer. PR1407476

  • The rx_power value streamed to the telemetry server is the raw value (mW) returned directly from the transceiver driver. The Junos OS CLI value has been transformed in the transportd daemon into different units: (Rx input total power(0.01dBm). PR1411023

  • The firewall counter for lo0 interface might not increase. PR1420560

  • After changing the power feed(s), either turn off or turn on, show chassis power outputs do not match real condition and there are also incorrect syslog information recorded. PR1420571

  • On FPC, P2 interface might stay down after maintenance. Issue is usually observed on links connected to another vendors equipment. PR1412126

  • On PTX1000, PTX10000, PTX3000, PTX5000 with FPC3 Series, if the prefix entries configured in prefix-list exceeds the limit what the Packet Forwarding Engine chipset supports, some unexpected behavior might be observed (for example, the host-bound traffic drops) after performing change operation related to the prefix-list configuration (for example, add a prefix to prefix-list which is associated with filter). PR1426539

  • Upgrade broadcom retimer firmware version d00e to de2e is automatic, t6e-pic driver will check broadcom retimer firmware version is de2e or not, if firmware is not at version de2e pic driver will do firmware update for all retimers on gladiator PIC. This process will take up to 5 minutes, before firmware upgrade complete interface will stay in down state. PR1445473

  • On PTX10000 platforms, FPC might restart if there is some corruption in BCM switch (a small internal Ethernet switch, instead of Packet Forwarding Engine) inside the FPC. It is a timing issue. The reason is that the PCIe speed configuration for BCM switch is not correct. PR1464119

  • On PTX Series platforms, when EBUF parity error occurs on FPC, EBUF parity interrupt might not be observed and only iCRC error gets printed in log message. PR1466532

  • On all Junos OS platforms, when DHCP relay is configured with forward-only, and DHCP client is terminated on logical tunnel interface that multiple logical interfaces under this lt- interface have a same VLAN, DHCP relay might fail to send OFFER messages. PR1471161

Interfaces and Chassis

  • Upgrading Junos OS Release 14.2R5 and later maintenance releases and Junos OS Release 16.1 and later mainline releases with CFM configuration might cause the cfmd process to crash after upgrade. This is because of the presence of an old version of /var/db/cfm.db. PR1281073

MPLS

  • On Junos OS platforms with transit chaining mode enabled, if Resource Reservation Protocol (RSVP) link/node protection is enabled and sensor-based-stats is used, a single-hop bypass label-switched path (LSP) next hop might not be installed in forwarding information base (FIB) even it is in routing information base (RIB). Hence, the single-hop bypass LSP might fail to forward traffic when needed. PR1401152

Routing Protocols

  • With Bidirectional Forwarding Detection (BFD) configured on an aggregated Ethernet interface, if you disable/enable the aggregated Ethernet interface, then that interface and the BFD session might not come up. PR1354409

Resolved Issues

This section lists the issues fixed in the Junos OS Release 18.4R3 for the PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 18.4R3

Forwarding and Sampling

  • The pfed might crash and not be able to come up on the PTX Series routers or TVP platforms. PR1452363

General Routing

  • In a rare race condition, multiple interrupts are not handled properly on PTX Series platform with FPC3-PTX-U2 and FPC3-PTX-U3, that might generate a core file. This condition is difficult to reproduce. As a workaround, the interrupt code is optimized to avoid the unnecessary call to prevent the issue. PR1208536

  • On the third-generation PTX Series routers FPCs such as PTX3000 or PTX5000 FPC3 and PTX1000, if the protocols mpls no-propagate-ttl command is configured, the MPLS TTL field can be reset to 255 in the packets where a label swap operation is performed. PR1287473

  • On next generation Routing Engine, a failure of the hardware random number generator (HWRNG) will leave the system in a state where not enough entropy is available to operate. PR1349373

  • Unsuccessful connection attempts will not be logged on the backup SPMB. PR1369731

  • When a Routing Engine reboots and comes up again it sends gratuitous ARP packets to the internal interfaces in order to advertise its MAC address. These packets get in to the UKERN running on the FPC, which drops these packets. The messages seen here are printed just before dropping these packets. These error messages are harmless and do not disrupt working of any feature. PR1374372

  • When the ingress and egress interfaces are of "aggregate" type on PTX10000, you might see syslog messages about expr_get_local_pfe_child_ifl and flowtb_get_cpu_header_fields. These messages has no impact; but they will crowd syslog files and syslog servers. PR1379227

  • The agentd sensor transmits multiple interface telemetry statistics per FPC slot. PR1392880

  • The port at FPC (for example, JNP10K-LC1101) might fail to come up. PR1409585

  • In the fully loaded setup with many SFPs, some SNMP queries might experience response delay because of the higher priority daemons utilizing CPU resources. PR1411062

  • The PTX1000 and PTX10002 might stop forwarding packets after the chassis-control process restarts. PR1414434

  • A core file core-olympus-fpc3-sevfpc.elf.0.tgz is generated after GRES in PTX3000. PR1415145

  • Packet Forwarding Engine wedge might be observed after issuing the show forwarding-options load-balance command. PR1422464

  • An aggregated Ethernet interface does not come up with LACP enabled over the ccc circuit between R0 and R3. PR1424553

  • When an interface is configured with jumbo frames support (for example, MTU = 9216), the effective MTU size for locally sourced traffic is 24 bytes less than the expected value. PR1428094

  • Interface does not come up after interface flapping and FPC reboot. PR1428307

  • Inline J-Flow might cause PECHIP major error. PR1429419

  • Reclassification policy applied on the route prefixes might not work on PTX Series platforms. PR1430028

  • The l2cpd process might crash and generate a core file when the interfaces flap. PR1431355

  • IPFIX Flow timestamp is not matching with NTP synchronized system time. PR1431498

  • SIB Link Error detected on a specific Packet Forwarding Engine might cause complete service impact. PR1431592

  • Traffic loss might be seen on the PTX10000 platforms using LC1105 line card. PR1433300

  • The scaled filter might drop packets with the flt.Dispatcher.flt_err error on the PTX Series routers. PR1433648

  • IPv6 neighbor solicitation packets are dropped on PTX Series routers. PR1434567

  • Routing Engine switchover does not work as expected while SSD failure occurs. PR1437745

  • On PTX10002, No chassis alarm is raised when a PEM is removed or power off to PEM. PR1439198

  • CPU might hang or interface might be stuck down on a particular 100-Gigabit Ethernet port on PTX Series routers. PR1440526

  • Interfaces on PTX Series routers might not come up after FPC restart or port flap. PR1442159

  • The KRT queue might be stuck when more than 65000 IPv6 labeled-unicast routes are received on BGP-LU IPv6 session that is configured on PTX10000 Series platform. PR1442760

  • BCM FW needs to be upgraded to DE2E. PR1445473

  • The jdhcpd process might crash after issuing the show access-security router-advertisement-guard command. PR1446034

  • Egress sampling for sflow might stop working for more than 8 interfaces on PTX Series platforms. PR1448778

  • Currently, IS-IS is sending system host-name instead of system-id in OC paths in lsdb or adjacency xpaths in periodic streaming and on-change notification. PR1449837

  • Interfaces might flap forever after deleting the interface disable configuration. PR1450263

  • FPC generates Voltage Tolerance Exceeded, a major alarm for EACHIP 2V5 sensors. PR1451011

  • Firewall filter applied at interface level might not work when MPLS label is present in certain scenarios. PR1452716

  • The interface might not come up after flapping on PTX3000/PTX5000. PR1453217

  • The FPC might crash when the severity of error is modified. PR1453871

  • Traffic silently drops when interfaces flap after the DRD is auto-recovered. PR1459698

  • The forwarding option is missed in routing instance type. PR1460181

  • Hardware failure in CB2-PTX causes traffic interruption. PR1460992

  • FPC might restart during run time on PTX10000 platforms. PR1464119

  • EBUF parity interrupt is not seen on PTX Series platforms. PR1466532

  • Packet Forwarding Engine error logs prds_packet_classify_notification: Failed to find fwd nh for flabel 48 might be reported when IGMP packets are sampled on PTX5000 platform. PR1466995

  • IPv6 traffic over Layer 3 VPN with vrf-table-label might fail. PR1466659

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

Infrastructure

  • Junos packages may have incorrectly registered as "unsupported". PR1427344

  • FPC might reboot if jlock hog occurs on all Junos VM based platforms. PR1439906

Interfaces and Chassis

  • After member interface flapping AE remains down on 5X100GE DWDM CFP2-ACO PIC. PR1429279

Layer 2 Ethernet Services

  • DHCP request might get dropped in DHCP relay scenario. PR1435039

MPLS

  • RSVP Path error received on a new path calculated by CSPF is not treated as optimization when CSPF is computed and optimization retry is not honoring 2^retry + rsvp-error-hold-time. PR1416948

  • Traffic loss might be seen after LDP session flaps rapidly. PR1436119

  • The transit packets might be dropped if an LSP is added or changed on PTX Series routers. PR1447170

Platform and Infrastructure

  • Use groups re0/re1 to configure the Routing Engine specific management interface. PR1375012

  • Packet drops, replication failure or ksyncd crashes might be seen on the logical system of a Junos OS device after Routing Engine switchover. PR1427842

  • REST API process will get non-responsive when a number of requests start coming at a high rate. PR1449987

Routing Protocols

  • Routing Engine-based micro BFD packets do not go out with configured source IP when the interface is in logical system. PR1370463

  • PTX Series device cannot intercept PIM BSR message. PR1419124

  • Route churn might be seen after changing maximum-prefixes configuration from value A to value B. PR1423647

  • The rpd might crash with SRTE configuration change. PR1442952

  • The rpd CPU utilization is at 100 percent due to incorrect path-selection. PR1446861

  • L3 VPN PE-CE link protection exhibits unexpected behavior on PTX10000 platforms. PR1447601

  • On all Junos OS platforms, SSH login from automation tools to the Junos OS device is not successful if the username is configured both as a local user and also on a remote RADIUS/TACACS server. PR1454177

VPNs

  • In a specific CE device environment in which asynchronous-notification is used, after the link between the PE and CE devices goes up, the L2 circuit flaps repeatedly. PR1282875

  • Memory leak might be seen if PIM messages are received over an MDT (mt- interface) in draft-rosen MVPN scenario. PR1442054

Resolved Issues: 18.4R2

General Routing

  • On PTX Series, multicast traffic packet drop of more than 50 percent is seen when a first-generation or second-generation FPC is used in the same chassis with a third-generation FPC. PR1339481

  • Disable reporting of correctable single-bit errors on Hybrid Memory Cube (HMC) and prevent a major alarm. PR1384435

  • Packet drop might be seen in lower-priority queues on PTX Series routers or on the QFX10000 line of switches. PR1385454

  • The show chassis fpc command on PTX1000 routers and the PTX10000 line of routers shows incorrect buffer memory utilization. PR1397612

  • High jsd or na-grpcd CPU usage might be seen even if JET or JTI is not used. PR1398398

  • CPU overuse might be observed on PTX Series routers or on the QFX10000 line of switches. PR1399369

  • The DHCPv6 relay-reply packet might be dropped by the DHCP relay. PR1399683

  • Only one Packet Forwarding Engine could be disabled on an FPC with multiple Packet Forwarding Engines in an error or wedge condition. PR1400716

  • The TCP connection between ppmd and ppman might be dropped because of a kernel issue. PR1401507

  • Log message JAM HW data base open failed for ptx5kpic_3x400ge-cfp8 during commit. PR1403071

  • Incorrect mem stat message is seen in FPC logs of PTX Type 1 FPC. PR1404088

  • RPT TPTX REGRESSIONS: While checking ethernet-switch verification ethernet-switch statistics is not in expected range. PR1404365

  • On a PTX3000, FPCs are not able to come online for tens of minutes after a reboot of the chassis. PR1404611

  • ZTP upgrade might fail if there are more than one 10-Gigabit Ethernet interfaces connected to the DHCP server. PR1404832

  • On PTX3000 or PTX5000, the backup CB's chassis environment status is alwaysTesting you remove and reinsert the backup CB. PR1405181

  • 100-gigabit SR4 optics with part number 740-061405 should be displayed as QSFP-100G-SR4-T2. PR1405399

  • No chassis alarm is raised on PTX1000 when the PEM is removed or power lost to PEM. PR1405430

  • Layer2 VPN might flap repeatedly when the link between the PE device and CE device is coming up. PR1407345

  • The Packet Forwarding Engine might get disabled unexpectedly due to a auto correctable non-fatal hardware error on PTX Series routers or QFX10002, QFX10008, or QFX10016. PR1408012

  • openconfig-network-instance:network-instances support for IS-IS must be hidden unless supported. PR1408151

  • PTX Inline J-flow: FPC went offline when sampling rate was changed at runtime to 80,000; dcpfe core file was also generated. PR1409502

  • The CPU might be overused by jsd process in JET scenario. PR1409639

  • Hostname is not updated at the FPC shell after a system configuration change on the CLI. PR1412318

  • Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659

  • The Layer 2 circuit egress PE device might drop the traffic in a FAT+CW-enabled Layer 2 circuit scenario when another FAT+CW enabled Layer 2 circuit PW flaps. PR1415614

  • Traffic loss could be seen for the duration of the hold-time down timer when an interface, with the hold-time down timer configured, flaps. with hold-time down timer configured. PR1418425

  • RX alarms are not set according to the threshold value configured for the DCO Tunable Optics. PR1419204

  • An interface might go to down state on a QFX10000 or PTX10000 platform. PR1421075

  • Virtual Chassis might become unstable and fxpc core files might be generated when there are a lot of configured filter entries. PR1422132

  • 4x10G interfaces on the third-generation FPCs on PX3000 or PTX5000 might not come up after frequently flap ping for a long of time. PR1422535

  • While committing a huge configuration, the user sees the error error: mustd trace init failed.PR1423229

  • A Specific interface on the P3-15-U-QSFP28 PIC card remains down until another interface comes up. PR1427733

Infrastructure

  • The request system recover oam-volume command might fail on PTX Series. PR1425003

Interfaces and Chassis

  • The syslog message /kernel: %KERN-3: pointchange for flag 04000000 not supported on IFD aex upon LFM related configuration commit on aggregated Ethernet interfaces. PR1423586

  • Some ports on PTX Series routers might remain down after rebooting the FPC or the device is rebooted at the remote side. PR1429315

MPLS

  • An RSVP-signaled LSP might stay in down state after a link in the path flaps. PR1384929

  • The rpd might crash when an LDP route with an indirect next-hop is deleted. PR1398876

  • LDP routes might flap if committing any configuration changes. PR1416032

  • Bypass dynamic RSVP LSP tears down too soon when being used for protecting an LDP LSP with dynamic-rsvp-lsp statement. PR1425824

Platform and Infrastructure

  • Some files are missing during log archiving. PR1405903

Routing Protocols

  • Rpd core files are seen on the backup Routing Engine during neighborship flapping when the authentication-key option with a size larger than 20 characters is used. PR1394082

  • Syslog message is seen whenever the prefix SID coincides with the node SID. PR1403729

  • An rpd memory leak might be seen in an IS-IS segment routing scenario. PR1404134

  • Dynamic routing protocol flapping with VM host Routing Engine switchover on NG-RE. PR1415077

  • Rpd might crash with ospf overload configuration. PR1429765

Resolved Issues: 18.4R1

Infrastructure

  • The FPC might go down on some VM-host-based PTX Series or QFX Series devices. PR1367477

Interfaces and Chassis

  • PE Chip:pe0[0]: IPW: oversize_drop error causes a major error on FPC. PR1375030

MPLS

  • In Junos OS Release 18.2X75, IPv6 routes are dead in mpls.0 table S=0 leads to traffic loss in v6-indirect next-hop stitching. PR1355878

  • LSP with auto-bandwidth enabled goes down as a result of an HMC error. PR1374102

  • Bypass LSP is taking the same SRLG colored path. PR1387497

Platform and Infrastructure

  • On a PTX1000, upgrade from Junos OS Release 16.1X65-D45 to Junos OS Release 17.3-20170721 fails frequently when sampling is enabled. PR1296533

  • Repeated log messages %PFE-3 fpcX expr_nh_index_tree_ifl_get and expr_nh_index_tree_ipaddr_get are observed when the sampling packet is discarded with the log (or syslog) statement configured under the firewall filter. PR1304022

  • The status LED on the chassis remains unlit on the QFX10002-60C. PR1332991

  • The traffic-class-count values in a filter configured with the scale-optimized statement, are not incrementing. PR1334580

  • Packet might be dropped by RPF during a Routing Engine switchover. PR1354285

  • The host interface might stop sending packets on a PTX Series router with FPC3 or PTX1000 when you use an outbound firewall filter with syslog option. PR1354580

  • PTX1000-M20C: FRR link-protection convergence time. PR1355953

  • Traffic is still forwarded through the member link of an aggregated Ethernet bundle interface even with Link-Layer-Down flag set. PR1365263

  • JSA10899 2018-10 Security Bulletin: Junos OS: Next-hop index allocation failed: private index space exhausted as a result of incoming ARP requests to the management interface (CVE-2018-0063). PR1360039

  • The 'Normal discards' Packet Forwarding Engine statistics traffic counter might increase at a higher rate when Inline-Jflow or sFlow is enabled. PR1368208

  • slu.l2_domain_lookup_failure traps might be observed when using sampling on FPC-P1/FPC-P2. PR1368381

  • The IPLC card might take a long time to come up. PR1368637

  • The 'commit or commit check operation' might fail because of the error cannot have lsp-cleanup-timer without lsp-provisioning.PR1368992

  • On PTX10001 and ACX6360, 100G-LR4 optics and 100G-ER4 optics are not supported. PR1371590

  • Packets might be dropped after a filter is deleted from an interface. PR1372957

  • Inline BFD keeps flapping when inline samping is configured. PR1376509

  • Traffic might be dropped on third-generation FPCs on PTX Series routers. PR1378392

  • Layer 3 VPN traffic might be dropped because one core-facing interface is down. PR1380783

  • BFD sessions bounced FPCs that have not been taken offline. PR1383703

  • Packet Forwarding Engine-based local repair does not happen for IP routes pointing to a unilist of composites with Indirect next hops. PR1383965

  • CPSM daemon memory leak is observed ion VM host. PR1387903

  • BFD flaps are seen on PTX or QFX10000 platforms with inline BFD. PR1389569

  • Forwarding issue on mixed link-speed aggregated Ethernet interface after FPC reloads. PR1390417

  • High jsd or na-grpcd CPU usage might be seen even when JET or JTI is not used. PR1398398

Documentation Updates

There are no errata or changes in Junos OS Release 18.4R3 documentation for PTX Series.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the PTX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading to Release 18.4

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

Back up the file system and the currently active Junos OS configuration before upgrading Junos OS. This allows you to recover to a known, stable environment if the upgrade is unsuccessful. Issue the following command:

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Junos OS Administration Library.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 18.4R2:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the release number (the number of the software version that you want to download) from the Release drop-down list to the right of the Download Software page.
  4. Select the Software tab.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the router.Note

    We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

    All customers except the customers in the Eurasian Customs Union (currently comprised of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package:

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-18.4R2.9.tgz

    Customers in the Eurasian Customs Union (currently comprised of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package (Limited encryption Junos OS package):

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-18.4R2.9-limited.tgz

    Replace the source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

You need to install the Junos OS software package and host software package on the routers with the RE-PTX-X8 Routing Engine. For upgrading the host OS on this router with VM Host support, use the junos-vmhost-install-x.tgz image and specify the name of the regular package in the request vmhost software add command. For more information, see the VM Host Installation topic in the Installation and Upgrade Guide.

Note

After you install a Junos OS Release 18.4 jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Note

Most of the existing request system commands are not supported on routers with RE-PTX-X8 Routing Engines. See the VM Host Software Administrative Commands in the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.4, 18.1, and 18.2 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Upgrading a Router with Redundant Routing Engines

If the router has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation as follows:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.