Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for NFX Series

 

These release notes accompany Junos OS Release 19.3R3 for the NFX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os

What’s New

Learn about new features introduced in the Junos OS main and maintenance releases for NFX Series devices.

Release 19.3R3 New and Changed Features

There are no new features or enhancements to existing features for NFX Series in Junos OS Release 19.3R3.

Release 19.3R2 New and Changed Features

There are no new features or enhancements to existing features for NFX Series in Junos OS Release 19.3R2.

Release 19.3R1 New and Changed Features

Application Security

  • Application quality of experience (AppQoE) (NFX150 and NFX250 NextGen)—Starting in Junos OS Release 19.3R1, Application Quality of Experience (AppQoE) enforces the configuration limit for overlay paths, metric profiles, probe parameters, and SLA rules per profile when you configure application-specific SLA rules and associate the SLA rules to an APBR profile. If you configure more parameters than the allowed limit, an error message is displayed after you commit the configuration.

    [See Understanding AppQoE Configuration Limits.]

  • Application path selection based on link preference and priority (NFX150 and NFX250 NextGen)—Starting in Junos OS Release 19.3R1, you can configure application quality of experience (AppQoE) to select the application path based on the link priority and the link type when multiple paths that meet the SLA requirements are available.

    [See Understanding Application Path Selection Based on Link Preference and Priority.]

Interfaces

  • Dual virtual function support (NFX150)—Starting in Junos OS Release 19.3R1, you can configure and map a maximum of two L3 interfaces to a single physical port.

What's Changed

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.3R3 for NFX Series.

Known Limitations

Learn about known limitations in this release for NFX Series routers. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Interfaces

  • On NFX150 devices, the link does not come up if a 1-gigabit SFP transceiver is connected from heth-0-4 and heth-0-5 to a peer device. As a workaround, disable the auto-negotiation for the interface connected to the NFX150 on the remote device. PR1428020

Platform and Infrastructure

  • On NFX250 NextGen devices, the error message pki-service subsystem is not responding to management requests appears when you issue the show security pki ca-certificate command. PR1435639

  • The Routing Engine boots from the secondary disk when you:

    • Press the reset button on the RCB front panel, while the RE is booting up before Junos OS reboots.

    • Upgrade the software by booting from the network using the request vmhost reboot network command, and the system fails to boot from the network.

    • Upgrade the BIOS and it fails.

    • Reboot the system and it hangs before Junos OS reboots.

    As a workaround, interrupt the boot process to select the primary disk. PR1344342

  • With SRX1500 device used as HUB and NFX350 device as SPOKE, IPSEC replay-errors are seen with HTTP traffic when the AppQoE passive probing is enabled. As a workaround, use SRX4200 as HUB. PR1461068

Virtual Network Functions (VNFs)

After you create or delete a VNF on NFX150 and NFX250 NextGen devices, the request virtual-network-functions console vnf-name command gives an error that the VNF domain is not found. VNFs are reachable through SSH in this state. PR1433204

Open Issues

Learn about open issues in this release for NFX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Interfaces

  • When you issue a show interface command on NFX150 devices to check the interface details, the system does not check whether the interface name provided is valid or invalid. The system does not generate an error message if the interface name is invalid. PR1306191

  • When a DHCP server assigns a conflicting IP address to the NFX Series device interfaces, the NFX Series device does not send a DHCP DECLINE message in response. PR1398935

  • If you plug an unsupported SFP-T transceiver into an NFX150 device and reboot the device, the FPC1 WAN port does not come online. PR1411851

  • When the interface configuration has the encapsulation flexible-ethernet-services enabled on a 10-Gigabit Ethernet interface, traffic is dropped. PR1425927

  • On NFX150 devices, srxpfe core dump is observed when testing the ADSL interfaces. PR1485384

High Availability (HA)

  • On NFX250 devices, virtual port peer (VPP) functionality might not run on dual customer premises equipment (CPE) and occasionally on single CPE. This issue is noticed when a redis database file, appendonly.aof has stale entries before redis-server started after a boot. PR1461238

Platform and Infrastructure

  • On NFX250 NextGen devices, jumbo frames are not supported through OVS. PR1420630

  • On NFX150 devices, random RPM probe losses are noticed if the probe packets are fragmented because the data-size more than the inet MTU. PR1447082

  • On NFX150 devices, the following messages are seen during FTP: ftpd[14105]: bl_init: connect failed for `/var/run/blacklistd.sock' (No such file or directory). PR1315605

  • When you upgrade the NFX250 devices from Junos OS Release 15.1X53-D47.4 to Junos OS Release 18.4R1, it overwrites the existing vsrx.xml file to factory default file and the jdm subsystem becomes available. As a workaround, fix vsrx.xml file with the correct path to the qcow2 file. PR1456900

  • After you upgrade the NFX250 devices to Junos OS Release 18.4R3, login access to JDM via TACACS fails. PR1504915

Virtual Network Functions (VNFs)

  • On NFX150 and NFX250 NextGen devices, when you add, modify, or delete a VNF interface that is mapped to an L2 or L3 data plane, kernel traces might be observed on the NFX Series device console. PR1435361

  • On NFX150 and NFX250 NextGen devices, when two flowd interfaces are mapped to the same physical interface and if you delete the interface mapping to VF0, the traffic flow is disrupted. Even though the mapping is moved to VF0, the MAC address is not cleared in VF1, which disrupts the traffic. As a workaround, reboot the device, which resets the MAC address to the default value. PR1448595

Resolved Issues

Learn which issues were resolved in Junos OS main and maintenance releases for NFX Series devices. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.3R3

Application Security

  • AppQOE is sending active prob packets for the deleted active-probe-params option. PR1492208

High Availability

  • On an NFX150 chassis cluster, the host logs updated in the system log messages might not show the correct timestamp. As a workaround, convert the UTC timestamp to the local time zone. PR1394778

Interfaces

  • On NFX Series devices, ping is not working between the cross-connected interfaces with interface deny-forwarding configuration. PR1442173

  • On NFX150 devices, heth-0-4 and heth-0-5 ports do not detect traffic when you try to activate the ports by plugging or unplugging the cable. PR1449278

  • On NFX Series devices, the static MAC address on VNF might get replaced by random MAC. PR1458554

  • When traffic goes through vSRX3.0 devices, Packet Forwarding Engine does not come up and all interfaces are down. PR1465132

  • On NFX Series devices, GRE tunnel interface (gr-1/0/0) may not appear if clear-dont-fragment-bit option is configured for the GRE interface. PR1472029

  • On NFX350 devices, deleting and adding SXE interfaces move SXE interface to STP BLK state and the traffic drops on that interface. PR1475854

Platform and Infrastructure

  • On NFX Series devices, process jdmd is not responsive because the /etc/hosts file gets corrupted. PR1477151

  • On NFX250 devices, coredumps are observed while adding the second LAN subnet. PR1490077

  • On NFX250-ATT-LS1 devices, LTE packages are lost after a software image upgrade from Junos OS Release 15.1X53-D497.1 to Junos OS Release 18.4R3.3. PR1493711

  • The NFX250 devcies might fail to work after you upgrade the software image from Junos OS Release 15.1X53-D497.1 to Junos OS Release 18.4R3-S2. PR1507165

  • On NFX150 devices, ZTP over LTE configuration commit fails for operation=create in xml operations configuration. PR1511306

Virtual Network Functions (VNFs)

  • On NFX150-S1 devices, management ports are not disabled with the link disable command.PR1442064

  • On NFX150 devices, vmhost virtualization-options command is not working as expected for heth to ge interface mapping.PR1459885

  • On NFX Series devices, no error message is displayed if the commit fails when you configure native-vlan-id on an access VNF interface. PR1438854

Resolved Issues: 19.3R2

Interfaces

  • When applying firewall filters on lo0.0 on an NFX250 NextGen device, FPC0 disappears. PR1448246

  • On NFX150 devices, the show security dynamic-address command does not work for port 3. PR1448594

Platform and Infrastructure

  • On NFX Series devices, the HTTP traffic flow is created with a different routing instance when an APBR profile is configured with category and application in the same profile. PR1447757

  • Informational log message LIBCOS_COS_RETRIEVE_FROM_PVIDB: feature cos_fc_defaults num elems 4 rc 0 is displayed on the console when you commit after you configure AppQoS rule set. PR1457328

  • Version compare in PHC might fail, causing the PHC to download the same image. PR1453535

  • The REST service might become nonresponsive when the REST API receives a number of continuous HTTP requests. PR1449987

Virtual Network Functions (VNFs)

NFX250 devices do not allow “jdm” (case-insensitive) as a VNF name. You can use “jdm” as part of the name. For example, jdm123, abcJDM, abcJDM123 are valid VNF names, but jdm, JDM, Jdm, JDm are not valid VNF names. PR1463963

Resolved Issues: 19.3R1

Class-of-Service (CoS)

  • In the NFX Series device configuration, traffic is being sent to the incorrect queue when configuring CoS with forwarding-classes class vs. queue. The forwarding-classes class is not supported and is hidden. As a workaround, use forwarding-classes queue when you configure CoS. PR1436408

Interfaces

  • On NFX250 devices with XDSL SFP transceiver used on the fiber ports, the status of the transceiver is displayed under the ADSL Status field in the output of the show interfaces int-name command. But whenever a user hot-swaps an XDSL SFP with another XDSL SFP on the same port, the ADSL Status field is not displayed in the output of the show interfaces command. PR1408597

  • Starting in Junos OS Release 19.2R1, when you transition NFX150 devices from a PPPoE configuration to a non-PPPoE configuration in a non-promiscuous mode, the interface hangs without any traffic flow. PR1409475

  • The limit on maximum OVS interfaces is restored to the originally defined limit 25 for backward compatibility. As a workaround, reduce the number of OVS interfaces in the configuration to 20 or less. PR1439950

  • On NFX150 and NFX250 NextGen devices, cross-connect stays down even if all linked interfaces are up. PR1443465

  • On NFX150 devices, whenever you need to change the vmhost mappings of particular NICs, you must delete the existing VM-host mapping and commit the configuration so that the existing mapping is cleared. Then you can configure the new mappings for the respective heth NICs. Changing the NIC VM-host mappings in the same commit, which will delete and then add a new mapping to the heth NICs, is not supported. PR1450147

Platform and Infrastructure

  • On an NFX250 device, the console is not accessible and JDM stops working. These issues occur because the libvirtd process stops responding. PR1341772

  • On an NFX250 device, if the idle-time out parameter for a user login class on JDM is configured in minutes, the system considers the configured idle timeout value in seconds. The user is logged out based on the idle timeout value in seconds. PR1435310

Protocols

  • On NFX150 devices, SNMP does not work for the following commands:

    • show snmp mib walk jnxIpSecTunMonOutEncryptedBytes

    • show snmp mib walk jnxIpSecTunMonOutEncryptedPkts

    • show snmp mib walk jnxIpSecTunMonInDecryptedBytes

    • show snmp mib walk jnxIpSecTunMonInDecryptedPkts

    • show snmp mib walk jnxIpSecTunMonLocalGwAddr

    • show snmp mib walk jnxIpSecTunMonLocalGwAddrType

    PR1386894

Virtual Network Functions (VNFs)

  • When you issue the show virtual-network-functions vnf-name command, the system creates a defunct process due to the presence of popen() calls and pclose() calls that do not match. This issue is fixed in Junos OS Release 15.1X53-D497 onward by ensuring that pclose() calls match the popen() calls. PR1415210

  • With a VNF running, when MTU is configured, the KVM crashes and the VNF goes down. PR1417103

  • On NFX150 devices, FPC0 may not be online after an upgrade and a device reboot is required. PR1430803

  • When you run the show chassis fpc or show chassis fpc details command, the Temperature field in the command output is displayed as Testing. PR1433221

  • On NFX150 devices with VNFs configured, when the VNF interfaces are moved from the default OVS bridge to a custom OVS bridge, duplicate VNF host entries are present in the /etc/hosts file on JDM. PR1434679

  • When you downgrade from Junos OS Release 19.2 to Junos OS Release 18.4, the show virtual-network-functions vnf-name command does not display the VNF information. PR1437547

Documentation Updates

There are no errata or changes in Junos OS Release 19.3R3 documentation for NFX Series.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the NFX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information on EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Basic Procedure for Upgrading to Release 19.3

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the device, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the device. For more information, see the Software Installation and Upgrade Guide.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 19.3R3:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the Software tab.
  4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the Download Software page.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the device or to your internal software distribution site.
  10. Install the new package on the device.