Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for EX Series Switches

 

These release notes accompany Junos OS Release 19.4R3 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.

Note

The following EX Series switches are supported in Release 19.4R3: EX2300, EX2300-C, EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.

What's New in 19.4R3

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release 19.4R3.

What's New in 19.4R2

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release 19.4R2.

What's New in 19.4R1

Authentication, Authorization, and Accounting

  • Disable LLDP TLV messages (EX4300-48MP switches)—Starting in Junos OS Release 19.4R1, you can disable nonmandatory time, length, and value (TLV) messages so they will not be advertised by the Link Layer Discovery Protocol (LLDP) or Link Layer Discovery Protocol–Media Endpoint Discovery (LLDP-MED).

    [See Device Discovery Using LLDP and LLDP-MED on Switches.]

Class of Service

EVPN

Junos OS XML, API, and Scripting

  • Python 3 support for commit, event, op, and SNMP scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, you can use Python 3 to execute commit, event, op, and SNMP scripts on devices running Junos OS. To use Python 3, configure the language python3 statement at the [edit system scripts] hierarchy level. When you configure the language python3 statement, the device uses Python 3 to execute scripts that support this Python version and uses Python 2.7 to execute scripts that do not support Python 3 in the given release.

    The Python 2.7 end-of-support date is January 1, 2020, and Python 2.7 will be EOL in 2020. The official upgrade path for Python 2.7 is to Python 3. As support for Python 3 is added to devices running Junos OS for the different types of onbox scripts, we recommend that you migrate supported script types from Python 2 to Python 3, because support for Python 2.7 might be removed from devices running Junos OS in the future.

    [See Understanding Python Automation Scripts for Devices Running Junos OS.]

  • Automation script library upgrades (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, devices running Junos OS that support the Python extensions package include upgraded Python modules. Python scripts can leverage the upgraded versions of the following modules:

    • idna (2.8)

    • jinja2 (2.10.1)

    • jnpr.junos (Junos PyEZ) (2.2.0)

    • lxml (4.3.3)

    • markupsafe (1.1.1)

    • ncclient (0.6.4)

    • packaging (19.0)

    • paho.mqtt (1.4.0)

    • pyasn1 (0.4.5)

    • yaml (PyYAML package) (5.1)

    [See Overview of Python Modules Available on Devices Running Junos OS.]

Junos Telemetry Interface

  • JTI Packet Forwarding Engine and Routing Engine sensor support (EX4300-MP switches)—Starting in Junos OS Release 19.4R1, you can use the Junos Telemetry Interface (JTI) and remote procedure calls (gRPC) to stream statistics from EX4300-MP switches to an outside collector.

    The following Routing Engine statistics are supported:

    • LACP state export

    • Chassis environmentals export

    • Network discovery chassis and components

    • LLDP export and LLDP model

    • BGP peer information (RPD)

    • RPD task memory utilization export

    • Network discovery ARP table state

    • Network discovery NDP table state

    The following Packet Forwarding Engine statistics are supported:

    • Congestion and latency monitoring

    • Logical interface

    • Filter

    • Physical interface

    • NPU/LC memory

    • Network discovery NDP table state

    To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support the Junos Telemetry Interface (JTI).

    [See Configuring a Junos Telemetry Interface Sensor (CLI Procedure), Configure a Telemetry Sensor in Junos and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • JTI and OpenConfig support for VLAN sensors (EX4650, QFX5120)—Junos OS Release 19.4R1 supports the export of VLAN statistics using either Junos Telemetry Interface (JTI) services or remote procedure call (gRPC) services. You can export statistics at configurable intervals to an outside collector.

    This feature includes OpenConfig support for the data model openconfig-vlan.yang for VLAN configuration version 1.0.2.

    Use the following resource paths in a gRPC or gNMI subscription:

    • /vlans/

    • /vlans/vlan/state/name

    • /vlans/vlan/state/vlan-id

    • /vlans/vlan/state/status

    • /vlans/vlan/members/

    • /vlans/vlan/members/member/interface-ref/state/interface/

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/interface-mode

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/native-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/access-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/trunk-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/vlan/state/vlan-id

    Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

Layer 2 Features

  • Redundant trunk group support (EX4650 and QFX5120)—Starting with Junos OS Release 19.4R1, EX4650 and QFX5120 switches support redundant trunk group (RTG) links.

    [See Redundant Trunk Groups.]

  • Ethernet ring protection switching (ERPS)(EX4300-MP)—Starting in Junos OS Release 19.4R1, the EX4300-MP supports Ethernet ring protection switching (ERPS) to reliably achieve carrier-class network requirements for Ethernet topologies forming a closed loop. The ITU-T Recommendation is G.8032 version 1.

    ERPS version 1 comprises the following features:

    • Revertive mode of operation of the Ethernet ring

    • Multiple ring instances on the same interfaces

    • Multiple ring instances on different interfaces

    • Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk groups

    [See Ethernet Ring Protection Switching Overview.]

  • Ethernet ring protection switching (ERPS)(EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1, the EX4650 and QFX5120 support Ethernet ring protection switching (ERPS) to reliably achieve carrier-class network requirements for Ethernet topologies forming a closed loop. The ITU-T Recommendation is G.8032 version 1.

    ERPS version 1 comprises the following features:

    • Revertive mode of operation of the Ethernet ring

    • Multiple ring instances on the same interfaces

    • Multiple ring instances on different interfaces

    • Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk groups

    [See Ethernet Ring Protection Switching Overview.]

MPLS

  • MPLS scaling enhancements (EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1, MPLS scaling is enhanced on EX4650 and QFX5120 switches. For instance, you can increase the scale from its default 1024 to 8192 on QFX5120 switches. This enhancement optimizes and increases the ingress tunnel scale to address the current needs of data center networks either in IP-CLOS or IP over MPLS application spaces.

    [See Supported MPLS Scaling Values.]

Multicast

  • Multicast VLAN registration (MVR) (EX4300-48MP switches and Virtual Chassis)—Starting in Junos OS Release 19.4R1, EX4300 multigigabit (EX4300-48MP) switches and Virtual Chassis support multicast VLAN registration (MVR). MVR efficiently distributes IPTV multicast streams across an Ethernet ring-based Layer 2 network and reduces the bandwidth needed for this traffic. MVR uses a multicast VLAN (MVLAN) as a source VLAN associated with one or more multicast group addresses, and you designate other VLANs as MVR receiver VLANs that have listeners interested in the MVLAN traffic. The device selectively forwards the traffic from source interfaces on the MVLAN to receiver interfaces that are on the MVR receiver VLANs (but not on the MVLAN).

    [See Understanding Multicast VLAN Registration.]

Operation, Administration, and Maintenance (OAM)

  • Ethernet CFM support (EX4300-MP switches)—Starting with Junos OS Release 19.4R1, the EX4300-MP switch supports Ethernet connectivity fault management (CFM). You can use Ethernet CFM to:

    • Monitor faults, using the continuity check messages (CCM) protocol to discover and maintain adjacencies at the VLAN or link level.

    • Discover paths and verify faults, using the linktrace protocol to map the path taken to a destination MAC address.

    • Isolate faults, using loopback messages, and troubleshoot.

    You configure Ethernet CFM using the set protocols oam ethernet connectivity-fault-management command, and verify the configuration using the show oam ethernet connectivity-fault-management command.

  • Support for Ethernet CFM (EX4650)—Starting with Junos OS Release 19.4R1, the EX4650 switch supports Ethernet connectivity fault management (CFM). You can use Ethernet CFM to:

    • Monitor faults, using the continuity check messages (CCMs) to discover and maintain adjacencies at the VLAN or link level.

    • Discover paths and verify faults, using the Link Trace protocol to map the path taken to a destination MAC address.

    • Isolate and troubleshoot faults, using loopback messages.

    Note

    Only down maintenance association end points (MEPs) are supported in CFM.

    You configure Ethernet CFM using the set protocols oam ethernet connectivity-fault-management command, and verify the configuration using the show oam ethernet connectivity-fault-management command.

    [See Understanding Ethernet OAM Connectivity Fault Management for Switches.]

  • Support for LFM (EX4650)—Starting with Junos OS Release 19.4R1, the EX4650 switch supports OAM link fault management (LFM). You can configure OAM LFM on point-to-point Ethernet links that are connected directly or through Ethernet repeaters, and on aggregated Ethernet interfaces. The LFM status of individual links determines the LFM status of the aggregated Ethernet interface. The EX4650 supports the following OAM LFM features:

    • Discovery and link monitoring

    • Remote fault detection

    • Remote loopback

    [See IEEE 802.3ah OAM Link-Fault Management Overview.]

Port Security

  • Stateless address autoconfiguration (SLAAC) snooping (EX4300-48MP)—Starting in Junos OS Release 19.4R1, the EX4300-48MP switch supports Stateless address auto configuration (SLAAC) snooping. The switch validates IPv6 clients that use SLAAC for dynamic address assignment against the SLAAC snooping binding table before allowing the clients access to the network.

    [See IPv6 Stateless Address Auto-configuration (SLAAC) Snooping.]

  • Untrusted mode on trunk interfaces for DHCP security (EX4300-48MP)—Starting in Junos OS Release 19.4R1, you can configure a trunk interface as untrusted for DHCP security features on EX4300-48MP switches. Trunk interfaces in untrusted mode support DHCP snooping and DHCPv6 snooping, dynamic ARP inspection (DAI), and IPv6 neighbor discovery inspection.

    [See Understanding Trusted and Untrusted Ports.]

  • MACsec license enforcement (EX4300-48MP)—Starting in Junos OS Release 19.4R1, you must install a Media Access Security (MACsec) feature license if you want MACsec functionality on your EX4300-48MP switch. If the MACsec license is not installed, MACsec functionality cannot be activated. You add the MACsec license using the request system license add command.

    [See Understanding Media Access Control Security (MACsec).]

Routing Policy and Firewall Filters

System Logging

  • Improved intermodule communication between FFP and MGD (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, intermodule communication is improved to enhance software debugging. To enhance error messages with more context, the exit conditions from libraries have been updated as follows:

    • Additional information is now logged for MGD-FFP intermodule communication.

    • Commit errors that previously were only shown onscreen are now logged.

    We provide a new operational command, request debug information, to speed up the initial information-gathering phase of debugging.

    [See request debug information.]

System Management

  • Change status LED for network port to chassis beacon light (EX2300, EX2300 Virtual Chassis, EX3400, EX3400 Virtual Chassis)—By default, when a network port and its associated link are active, the status LED for that port blinks green 8 times per second. Starting in Junos OS Release 19.4R1, you can use the request chassis beacon command to slow down the current blinking rate to 2 blinks per second. The slower-blinking and steadier green light acts as a beacon that leads you to an EX2300 or EX3400 switch or a particular port in a busy lab.

    Using options with the request chassis beacon command, you can do the following for one or all network port status LEDs on a specified FPC):

    • Turn on the beacon light for:

      • 5 minutes (default)

      • A specified number of minutes (1 through 120)

    • Turn off the beacon light:

      • Immediately

      • After a specified number of minutes (1 through 120)

    After the beacon light is turned off, the blinking rate for the network port’s status LED returns to 8 blinks per second.

    [See request chassis beacon.]

User Interface and Configuration

  • Support for configuring the ephemeral database using the NETCONF and Junos XML protocols (EX4300-48MP, EX9251, and EX9253 switches)—Starting in Junos OS Release 19.4R1, NETCONF and Junos XML protocol client applications can configure the ephemeral configuration database on EX4300-48MP, EX9251, and EX9253 switches. The ephemeral database provides a fast programmatic interface that enables multiple clients to simultaneously load and commit configuration changes on a device running Junos OS and with significantly greater throughput than when committing data to the candidate configuration database. The device’s active configuration is a merged view of the committed configuration database and the configuration data in all instances of the ephemeral configuration database.

    [See Understanding the Ephemeral Configuration Database.]

What's Changed

Learn about what changed in Junos OS main and maintenance releases for EX Series.

What's Changed in 19.4R3

Routing Protocols

  • Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—In Junos OS Release, multiple loopback addresses export into lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router-ids instead of prefixes. In earlier Junos OS releases, multiple secondary loopback addresses in TED were added into lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router-id.

What's Changed in 19.4R2

Class of Service (CoS)

  • We’ve corrected the output of the show class-of-service interface | display xml command. The output is of the following sort: <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container> will now appear correctly as <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3></container> <container> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container>.

General Routing

  • Support for full inheritance paths of configuration groups to be built into the database by default (EX Series and QFX Series)—Starting with Junos OS Release 19.4R2, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To disable this option, use no-persist-groups-inheritance.

    [See commit (System).]

  • LLDP ON_CHANGE statistics support with JTI (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series)—Enhanced telemetry ON_CHANGE event support provides the following LLDP attributes: - When LLDP is enabled on interfaces, LLDP interface counters are notified along with other interface-level attributes. - ON_CHANGE event reports LLDP neighbor age and custom TLVs, as well as when a neighbor is initially discovered

    See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).

Multicast

  • Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the QFX5000 line of switches)—Starting in Junos OS Release 19.4R2, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps, pps, and packets do not provide valid statistics for multicast traffic at Layer 2.

    [See show multicast snooping route.]

Routing Protocols

  • Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—In Junos OS Release, multiple loopback addresses export into lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router-ids instead of prefixes. In earlier Junos OS releases, multiple secondary loopback addresses in TED were added into lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router-id.

What's Changed in 19.4R1

Interfaces and Chassis

  • Logical Interface is created along with physical interface by default (MX Series, QFX Series, EX Series)—Starting in Junos OS Release 19.4R1, logical interfaces are created on ge, et, and xe interfaces along with the physical interface, by default. In earlier Junos OS releases, by default, only physical interfaces are created.

    For example, for ge interfaces, previously when you viewed the show interfaces command, by default, only the physical interface (ge-0/0/0), was displayed. Now, the logical interface (ge-0/0/0.16386) is also displayed.

Routing Protocols

  • XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc CLI command. In Junos OS releases before Release 19.4R1, the show bgp output-scheduler | display xml rpc CLI command does not have an XML RPC equivalent.

    [See show bgp output-scheduler.]

Known Limitations

Learn about known limitations in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Platform and Infrastructure

  • The following error message might appear: Failed to complete DFE tuning. This error message has no functional impact and can be ignored. PR1473280

  • Because of storage issue ZTP functionality fails. Follow the methods given in the Knowledge Base to clean up the storage space as cleanup packages os-package.tgz and package-hooks-ex.tgz are not present in Junos OS Release 19.4X. PR1497123

Open Issues

Learn about open issues in Junos OS Release 19.4R3 for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Infrastructure

  • When xSTP/RTG is not configured in the network and there is a traffic loop, after the network loop is broken, sometimes MAC address learning might not happen. As a workaround, restart the PFEM. PR473454

  • On EX Series switches, if you are configuring a large-scale number of firewall filters on some interfaces, the FPC might crash and generate core files. PR1434927

  • On an EX9251 switch, IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) error message is observed continuously in AD with base configurations. PR1485038

  • OID ifOutDiscards reports zero and sometimes shows a valid value. PR1522561

Interfaces and Chassis

  • After GRES, the VSTP port cost on aggregated Ethernet interfaces might get changed, leading to a topology change. PR1174213

Layer 2 Features

  • GARP error message DND_ANUPAM_JUNE_10_client eswd[1203]: vlan_interface_admin_up: vif ifl flags 0xc000 is generated when there is a deletion or addition of MAC address in the FDB. PR1192520

Platform and Infrastructure

  • On an EX2300 switch, the output of the show chassis routing-engine command might display an incorrect value of Router rebooted after a normal shutdown for the last reboot reason field. PR1331264

  • When VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter is not installed. PR1362609

  • Scale of 150 VRRP is not tested before; there are no issues observed for 100 VRRP groups. At the higher scale, there are no drops but traffic gets flooded for groups beyond 100. PR1371520

  • On an EX9208 switch, a few xe- interfaces go down with the following error message: if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840

  • On EX Series platforms, the DHCP/PPP subscribers might fail to bind. The reason is that when you install a new software image, its shared memory (created by the previously running image) might not be cleared out. The issue persists until the previous values in the shared memory are removed and the daemons affected by the data in the shared memory continue generating core files. Thus they will not be able to function properly. PR1396470

  • On EX Series platforms, unicast RPF check in strict mode might not work properly. PR1417546

  • When the chassisd process receives incorrect values from LCMD for the RPM values, the fan status changes to Failed from OK, and vice versa. PR1417839

  • The runt counter never incremented in the output of the show interface x/x/x extensive command when a runt packet with less than 64 Bytes frame size is received. The packet will be dropped as expected. PR1419724

  • On the EX9208 devices, traffic loss is observed if ingress and egress ports are in different FPCs. PR1429714

  • The EX4300-48MP switch cannot learn MAC address through some access ports that are directly connected to a host when autonegotiation is used. PR1430109

  • On the EX9214 switch, if the MACsec-enabled link flaps after reboot, the error errorlib_set_error_log(): err_id(-1718026239) is observed. PR1448368

  • On EX9208 switches, 33 percent degradation in MAC learning rate is observed in Junos OS Release 19.3R1 while comparing with Junos OS Release 18.4R1. PR1450729

  • In overall commit time, the evaluation of mustd constraints is taking 2 seconds more than usual. This is because the persist-group-inheritance feature has been made as a default feature in the latest Junos OS releases. Eventually, this feature helps improve the subsequent commit times for scaled configurations significantly. The persist-group-inheritance feature is useful in customer scenarios where groups and nested groups are used extensively. In those scenarios, the group inheritance paths are not built every time, thus subsequent commits are faster. PR1457939

  • On EX2300 and EX3400 platforms, when doing an upgrading operation, as image size grows over a period of time and subsequently storage is insufficient to install images, the upgrade might fail with the error message not enough space to unpack. PR1464808

  • On an EX9214, while verifying the last-change op-state value through XML, rpc-reply message is inappropriate. PR1492449

  • On the EX4300-48MP and EX4300 Virtual Chassis, if the LAG interface with member interfaces of 40G or 100G is configured across the master and the standby FPCs of the Virtual Chassis, the OSPF configured on the IRB interface over this LAG might be stuck in ExStart state. The issue impacts the establishment of the OSPF neighbor. PR1498903

  • On EX4300-48MP platforms with multi-rate gigabit ethernet (mge) interfaces, if a mge interface which is located within port range 24-47 is connected with some specific devices (for example: a bypass module from DELL), when the far end of the link goes down, the mge interface might still stay up. It leads to traffic drop when sending traffic through the affected link. PR1502467

  • A 35-second delay is added in reboot time from Junos OS Release 20.2R1 compared to Junos OS Release 19.4R2. PR1514364

  • LLDP might not work on non-aggregated Ethernet interfaces. PR1538401

  • In Junos fusion, l2cpd core file might be generated upon deactivating and activating chassis satellite-management multiple times. PR1545310

Routing Protocols

  • On EX9251 platform, ECDSA256+SHA256 is not used for software integrity checking because of issue with FIPS mode and telnet to device does not work. PR1504211

  • On EX4300 platforms, OSPFv3 configured with IPsec authentication, the OSPFv3 adjacency is not established after device reboot. PR1525870

Virtual Chassis

  • EX4650 switches generate the following messages during booting:

    bcmsdk_5_9_x kldKLD bcmsdk_5_9_x.ko: depends on acb - not available or version mismatch

    linker_load_file: Unsupported file type

    kldload: an error occurred while loading the module

    This message does not have any effect on the feature or functionality. PR1527170

Resolved Issues

Learn which issues were resolved in Junos OS main and maintenance releases for EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.4R3

Authentication and Access Control

  • On the EX4600 and EX4300 switches, MAC entry is not present in the Ethernet Switching table for the MAC-RADIUS client in a server fail scenario when tagged traffic is sent for the second client. PR1462479

  • The authd process might have memory leak in dot1x scenario with RADIUS authentication. PR1503117

  • On the EX2300-48MP switch, authentication failure might occur on the captive portal. PR1504818

  • The Junos OS event DOT1XD_AUTH_SESSION_DELETED might not be triggered with a single supplicant mode. PR1512724

  • The dot1x client will not be moved to the hold state when the authenticated PVLAN is deleted. PR1516341

EVPN

  • The l2ald memory leak might be observed in any EVPN scenario. PR1498023

  • The VXLAN function might be broken due to a timing issue. PR1502357

  • Unable to create a new VTEP interface. PR1520078

Infrastructure

  • The fxpc process might crash when configuring scaled configuration with 4093 VLANs. PR1493121

  • The IP communication between directly connected interfaces on the EX4600 switch might fail. PR1515689

Interfaces and Chassis

  • A stale IP address might be seen after a specific order of configuration changes under logical-systems scenario. PR1477084

  • Traffic over MC-LAG drops because the next-hop points ICL link instead of MC-LAG. PR1486919

Layer 2 Features

  • On EX4650 switches with Q-in-Q, the third VLAN tag is not pushed onto the stack and SWAP is being done instead. PR1469149

  • Traffic imbalance might be observed on EX4600 switches if hash-params is not configured. PR1514793

  • MAC address in hardware table might become out of sync between master and member in Virtual Chassis after MAC flap. PR1521324

Platform and Infrastructure

  • Virtual Chassis split is seen after the network topology is changed. PR1427075

  • On the EX4600 switch, traffic loss might be seen with framing errors or runts if MACsec is configured. PR1469663

  • On the EX4600 switch, DSCP marking might not work as expected if the fixed classifiers are applied to interfaces. PR1472771

  • MAC learning under bridge domain stops after MC-LAG interface flaps. PR1488251

  • On EX2300 switches, high CPU load due to receipt of specific multicast packets on Layer 2 interface. PR1491905

  • IPv6 neighbor solicitation packets might be dropped in a transit device. PR1493212

  • Packets get dropped when the next hop is IRB over LT-interface. PR1494594

  • On the EX4300 switch, the NSSU upgrade might fail due to a storage issue in the /var/tmp directory. PR1494963

  • High CPU load due to receipt of specific IPv4 packets. PR1495129

  • The fxpc process might crash when renumbering the master member ID value of the EX2300 and EX3400 Virtual Chassis. PR1497523

  • Outbound SSH connection flap or memory leak issue might be observed when pushing configuration to ephemeral database with high rate. PR1497575

  • Traffic might get dropped if aggregated Ethernet member interface is deleted and then added or a SFP of the aggregated Ethernet member interface is unplugged or plugged. PR1497993

  • Firewall filter might not get applied on EX4600 switches. PR1499647

  • On the EX4300, EX3400, and EX2300 Virtual Chassis with NSB and xSTP enabled, the continuous traffic loss might be observed while doing GRES. PR1500783

  • On the EX4300 switch, traffic loss might be seen with framing errors or runts if MACsec is configured. PR1502726

  • LLDP packets are not acquired when native-vlan-id configured is the same as tagged vlan-id. PR1504354

  • The isolated VLAN from the RADIUS server is not deleted when the interface flaps. PR1506427

  • The output VLAN push might not work. PR1510629

  • LLDP might not work when PVLAN is configured on EX Series Virtual Chassis. PR1511073

  • On EX4300 switches, LACP goes down after performing Routing Engine switchover if the MACsec is enabled on the LAG members. PR1513319

  • Last commit line in configuration is updated after the backup configuration has been done. PR1513499

  • The 100M SFP-FX is not supported on satellite device in Junos fusion setup. PR1514146

  • The "dot1x" memory leak is observed. PR1515972

  • The dcpfe process might crash because of memory leak. PR1517030

  • On EX4300 switches, redirected IP traffic is being duplicated. PR1518929

  • MPPE-Send/Recv-key attribute is not extracted correctly by dot1xd. PR1522469

  • The show interface extensive output Drops and Dropped Packets counters are double counting. PR1525373

Routing Protocols

  • The FPC process goes to the NotPrsnt state after upgrading the QFX5100 Virtual Chassis and Virtual Chassis Fabric. PR1485612

  • The BGP route-target family might prevent the route reflector from reflecting Layer 2 VPN and Layer 3 VPN routes. PR1492743

  • On EX4300-MP and EX4600 switches, high CPU load due to receipt of specific Layer 2 frames in EVPN-VXLAN deployment and specific Layer 2 frames when deployed in a Virtual Chassis configuration. PR1495890

  • Firewall filter could not work in certain conditions in a Virtual Chassis setup. PR1497133

  • The rpd process might report 100 percent CPU usage with BGP route damping enabled. PR1514635

  • Packet loss might be observed while verifying traffic from access to core network for IPv4 and IPv6 interfaces. PR1520059

User Interface and Configuration

  • Installing J-Web application package might fail on the EX2300 and EX3400 switches. PR1513612

  • J-Web does not display the correct flow-control status on EX Series devices. PR1520246

Resolved Issues: 19.4R2

Class of Service (CoS)

  • Shaping does not work after the reboot if shaping-rate is configured. PR1432078

  • The traffic is placed in network-control queue on an extended port even if it comes in with a different DSCP marking. PR1433252

EVPN

  • The ESI of IRB interfaces does not update after an autonomous-system number change if the interface is down. PR1482790

Forwarding and Sampling

  • Type 1 ESI/AD route might not be generated locally on an EVPN PE device in all-active mode. PR1464778

General Routing

  • The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

  • IRB over VTEP unicast traffic might get dropped on EX9200 platforms. PR1436924

  • The MAC pause frames will increment in the receive direction if half-duplex mode on 10-Mbps or 100-Mbps speed is configured. PR1452209

  • Link-up delay and traffic drop might be seen on mixed service provider Layer 2 or Layer 3 type and enterprise style Layer 2 type configurations. PR1456336

  • MAC addresses learned on an RTG might not be aged out after the aging time. PR1461293

  • The RTG link is nearly 20 seconds down when the backup node is rebooting. PR1461554

  • On EX Series switches with ELS, some command lines to disable MAC learning are not working. PR1464797

  • The jdhcpd might consume high CPU and no further subscribers can be brought up if there are more than 4000 DHCP relay clients in the MAC move scenario. PR1465277

  • The MAC move message might have an incorrect from interface when rapid MAC moves happen. PR1467459

  • FPCs might get disconnected from the EX3400 Virtual Chassis briefly after image upgrade or reboot. PR1467707

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

  • SSH session closes while you check for the show configuration | display set command for both local and non-local users. PR1470695

  • EX3400 is advertising only 100 Mbps when configured with 100-Mbps speed with autonegotiation enabled. PR1471931

  • The shaping of CoS does not work after reboot. PR1472223

  • CoS 802.1p bits rewrite might not happen in Q-in-Q mode. PR1472350

  • The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685

  • On EX4300 switches, the output of the show security macsec statisitics command shows incorrect high values. PR1476719

  • The dhcpd process might crash in a Junos fusion environment. PR1478375

  • Core files are generated at cassis_alloc_list_timed_free in cassis_free_thread_entry. PR1478392

  • TFTP installation from the loader prompt might not succeed on the EX Series switches. PR1480348

  • ARP request packets for unknown hosts might get dropped in the remote PE device in an EVPN-VXLAN scenario. PR1480776

  • On EX2300, SNMP traps are not generated when the MAC addresses limit is reached. PR1482709

  • DHCP binding fails while verifying DHCPv4 snooping fucntionality in a private VLAN with a firewall to block or allow certain IPv4 packets. PR1490689

  • Traffic loss might be seen under MC-LAG scenario on EX4650. PR1494507

Infrastructure

  • Continuous dcpfe error messages and eventd process hog might be seen in an EX2300 Virtual Chassis scenario. PR1474808

  • Kernel core file might be generated if you deactivate daemon on EX2300 and EX3400 platforms. PR1483644

Interfaces and Chassis

  • Executing commit might hang because of a stuck dcd process. PR1470622

Junos Fusion for Enterprise

  • The SDPD generates core files at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry. PR1454335

  • Loop detection might not work on extended ports in a Junos fusion scenario. PR1460209

Junos Fusion Satellite Software

  • Temperature sensor alarms are seen on EX4300 switches in a Junos fusion scenario. PR1466324

Layer 2 Features

  • The LLDP function might fail when a Juniper Networks device connects to a non-Juniper device. PR1462171

  • Traffic might be affected if composite next hop is enabled. PR1474142

Layer 2 Ethernet Services

  • Member links state might be asychronized on a connection between a PE device and a CE device in an EVPN A/A scenario. PR1463791

  • Confirm and reply packets might not get processed correctly because of issues with DHCPv6 relay processing. PR1496220

MPLS

  • BGP session might keep flapping between two directly connected BGP peers because of the incorrect usage of the TCP-MSS. PR1493431

Platform and Infrastructure

  • The IRB traffic might drop after a mastership switchover. PR1453025

  • The OSPF neighbor might go down when mDNS or PTP traffic is received at a rate higher than 1400 pps. PR1459210

  • Traffic loss might be observed for more than 20 seconds when performing NSSU on EX4300 Virtual Chassis. PR1461983

  • IGMP reports are dropped with mixed enterprise/SP configuration styles on EX4300 switches.PR1466075

  • The switch might not be able to learn MAC addresses with dot1x and interface-mac-limit configured. PR1470424

  • On an EX4300, the input firewall filter attached to isolated or community VLANs is not matching dot1p bits on the VLAN header. PR1478240

  • The traffic destined to a VRRP VIP might be dropped after the IRB interface is disabled on the initial VRRP master. PR1491348

Routing Protocols

  • BGP IPv4 or IPv6 convergence and RIB install or delete time degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

  • The MUX state in an LACP interface does not go to collecting and distributing and remains attached after enabling the aggregated Ethernet interface. PR1484523

  • FPC might go to "NotPrsnt" state after upgrading with non-tvp image in Virtual Chassis or Virtual Chassis Fabric setup. PR1485612

User Interface and Configuration

  • The umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device busy message is seen when Junos OS is upgraded with the validate option. PR1478291

Virtual Chassis

  • Disabling one of the VCP ports might result in other VCP port to flap. PR1469257

Resolved Issues: 19.4R1

Authentication and Access Control

  • After rebooting the preloaded box, the SSL certificate is not displayed. PR1431086

EVPN

  • In EVPN scenario, the IRB logical interface might not come up when the local Layer 2 interface is down. PR1436207

  • ARP request or Neighbor Solicitation (NS) message might be sent back to the local segment by the DF router. PR1459830

  • The rpd might crash after changing EVPN related configuration. PR1467309

General Routing

  • On the EX3400, when me0 ports are connected between two EX3400 switches, the link does not come up. PR1351757

  • Transit OSPF traffic over Q-in-Q tunneling might be dropped if a firewall filter is applied to the Lo0 interface. PR1355111

  • The l2ald process might crash and generate a core file on EX2300 Virtual Chassis when converted a trunk port is converted to a dot1x access port with tagged traffic flowing. PR1362587

  • The interface on the failed member FPC of EX2300 and EX3400 Virtual Chassis might stay up for 120 seconds. PR1422507

  • IPv6 multicast traffic received on one Virtual Chassis member might be dropped when egressing on another Virtual Chassis member if MLD snooping is enabled. PR1423310

  • MAC addresses overlaps between different switches. PR1425123

  • The delay in transmission of BPDUs after GRES might result in loss of traffic on EX2300 and EX3400 Virtual Chassis. PR1428935

  • Erroneous log messages and chassis environment output related to the fan tray in EX4300MP and EX4300-48P Virtual Chassis. PR1431263

  • The l2cpd process might crash and generate a core file when interfaces flap. PR1431355

  • Packet drop might be seen if native VLAN is configured along with flexible VLAN tagging. PR1434646

  • Micro BFD session might flap upon inserting a QSFP to other port. PR1435221

  • The mc-ae interface might get stuck in waiting state in a dual mc-ae scenario. PR1435874

  • Commit check error for VSTP on the EX9200 line of switches xSTP:Trying to configure too many interfaces for given protocol. PR1438195

  • LED turns on even after the Virtual Chassis members are powered off. PR1438252

  • The DHCP snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351

  • The rpd process might generate a core file when the router boots up because of a file pointer issue because there are two code paths that can close the file. PR1438597

  • The dot1x might not work when captive-port is also configured on the interface on the backup or nonmaster FPC. PR1439200

  • DHCPv6 relay binding is not up while verifying DHCP snooping along with DHCPv6 relay. PR1439844

  • EX4600 Virtual Chassis does not come up after replacing the Virtual Chassis port from fiber connection to DAC cable. PR1440062

  • CPU might hang or interface might get stuck on a particular 100-Gigabit Ethernet port on EX Series switches. PR1440526

  • MAC addresses learned on RTG might not be aged out after a Virtual Chassis member is rebooted. PR1440574

  • Clients in isolated VLAN might not get IP addresses after completing authentication when both dhcp-security and dot1x are configured. PR1442078

  • On the EX3400, the fan alarm Fan X not spinning appears and disappears repeatedly after the fan tray is removed. PR1442134

  • The rpd might crash when the BGP sends a notification message. PR1442786

  • DHCPv6 client might fail to get an IP address. PR1442867

  • Non-designated port does not move to the backup port role. PR1443489

  • The /var/host/motd does not exist message is flooded every 5 seconds in chassisd logs. PR1444903

  • On the EX4300-MP, the following log messages is generated continuously: rpd[6550]: task_connect: task AGENTD I/O.128.0.0.1+9500 addr 128.0.0.1+9500: Connection refused. PR1445618

  • On the EX3400 dot1xd core file is found at macsec_update_intf macsec_destroy_ca. PR1445764

  • Major alarm log messages for temperature conditions are generated for the EX4600 at 56 degrees Celsius. PR1446363

  • Traffic might be dropped when a firewall filter rule uses 'then vlan' as the action in a Virtual Chassis scenario. PR1446844

  • The phone-home feature might fail on EX3400 switches because sysctl cannot read the device serial number. PR1447291

  • On EX3400, Virtual Chassis might hang when a disk error occurs. PR1447853

  • Unicast ARP requests do not receive a reply with the no-arp-trap option. PR1448071

  • On EX3400, IPv6 routes received through BGP do not show the correct age time. PR1449305

  • Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for ingress traffic. PR1449568

  • DHCP snooping static binding does not take effect after deleting and readding the entries. PR1451688

  • The l2ald and eventd processes are hogging 100 percent after issuing the clear ethernet-switching table command. PR1452738

  • Configuration change in the VLAN all option might affect the per-VLAN configuration. PR1453505

  • Version compare in PHC might fail and the same image might be downloaded. PR1453535

  • Packet drops might be seen after removing and reinserting the SFP transceiver of the 40-Gigabit Ethernet uplink module ports. PR1456039

  • Syslog message Timeout connecting to peer database-replication is generated when the command show version detail is issued. PR1457284

  • SNMP trap messages are generated after an upgrade even though the temperature is within the system thresholds. PR1457456

  • The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic VoIP VLAN assignment is used. PR1458559

  • The fxpc process might crash because the BGP IPv6 session flaps. PR1459759

  • Storage space limitation leads to image installation failure when the phone-home client is used on EX2300 and EX3400 devices. PR1460087

  • Configure any combination of VLANs and interfaces under VSTP/MSTP might cause VSTP/MSTP related configuration cannot be committed. PR1463251

  • The Virtual Chassis function might brake after an upgrade on EX2300 and EX3400 devices. PR1463635

  • On the EX2300, FXPC core file is generated after mastership election based on user priority. PR1465526

Infrastructure

  • The operations on the console might not work if the system ports console log-out-on-disconnect statement is configured. PR1433224

  • The recovery snapshot cannot be created after system zeroization. PR1439189

  • On EX4300 CLI configuration on-disk-failure is not supported in Junos OS Release 18.2R3-S2. PR1450093

  • Certain EX Series platforms might generate VM core files by panic and reboot. PR1456668

  • Error messages related to soft reset of port because the queue buffers are stuck might be seen on EX4600-EX4300 VC. PR1462106

  • The traffic is dropped on EX4300-48MP device acting as a leaf in Layer 2 IP fabric EVPN VXLAN environment. PR1463318

Interfaces and Chassis

  • VRRP-V6 state flaps with init and idle states after configuring vlan-tagging. PR1445370

  • The traffic might be forwarded to incorrect interfaces in MC-LAG scenario. PR1465077

Junos Fusion Enterprise

  • Reachability issue of the host connected to the SD might be affected in a Junos Fusion Enterprise environment with EX9200 Series devices as AD. PR1447873

Junos Fusion Satellite Software

  • The dpd might crash on satellite devices in a Junos Fusion Enterprise environment. PR1460607

J-Web

  • Some error messages might be seen when using J-Web. PR1446081

Layer 2 Ethernet Services

  • The jdhcpd_era log files constantly consume 121M of space out of 170M, resulting in a full file system and affecting traffic. PR1431201

  • DHCP request might get dropped in DHCP relay scenario. PR1435039

  • On EX9200, the DHCP relay strips the 'GIADDR' field in messages towards the DHCP clients. PR1443516

Layer 2 Features

  • Ethernet Ring Protection Switching (ERPS) nodes might not converge to IDLE state after failure recovery or reboot. PR1431262

  • The MAC/ARP learning might not work for copper base SFP-T on EX4600. PR1437577

  • The fxpc core files might be generated when committing the configuration. PR1467763

Platform and Infrastructure

  • LACP DDoS policer is incorrectly triggered by other protocols traffic on all EX92XX Series platforms. PR1409626

  • Over temperature SNMP trap is generated incorrectly for LC (EX4300-48P) based on master Routing Engine (EX4300-48MP) temperature threshold value. PR1419300

  • Packet drops, replication failure, or ksyncd crash might be seen on the logical system of a Junos OS device after Routing Engine switchover. PR1427842

  • IPv6 traffic might be dropped when static /64 IPv6 routes are configured. PR1427866

  • Unicast ARP requests are not replied to with no-arp-trap option. PR1429964

  • The device might not be accessible after the upgrade. PR1435173

  • The FPC/pfex might crash due to DMA buffer leaking. PR1436642

  • The laser TX might be enabled while the interface is disabled. PR1445626

  • The PoE might not work after upgrading the PoE firmware on EX4300 platforms. PR1446915

  • The firewall filters might not be created due to TCAM issues. PR1447012

  • NSSU causes traffic loss again after the backup to master transitions. PR1448607

  • On certain MPC line cards, cm errors need to be reclassified. PR1449427

  • The REST service might become nonresponsive when the REST API receives several continuous HTTP requests. PR1449987

  • The traffic for some VLANs might not be forwarded when vlan-id-list is configured. PR1456879

  • ERP might not revert to idle state after reload or reboot of multiple switches. PR1461434

Routing Protocols

  • Host-destined packets with filter log action might not reach to the Routing Engine if log/syslog is enabled. PR1379718

  • On EX9208, BGP IPv4/IPv6 convergence and RIB install/delete time is degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

  • The fxpc core file might be generated during the reboot of EX4600 switches. PR1432023

  • Error message RPD_DYN_CFG_GET_PROF_NAME_FAILED: Get profile name for session XXX failed: -7 might be seen in syslog after restarting the routing daemon. PR1439514

  • Traffic might be dropped after the Q-in-Q enabled interface flaps or a change is made to the vlan-id-list. PR1441402

  • IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507

  • Junos OS BFD sessions with authentication flaps after a certain time. PR1448649

  • Loopback address exported into other VRF instance might not work on EX Series platforms. PR1449410

  • MPLS LDP might still use stale MAC of the neighbor even when the LDP neighbor's MAC changes. PR1451217

  • Changing "other querier present interval" timer is not working on IGMP/MLD snooping device in the existing bridge domain (BD) or listener domain (LD). PR1461590

User Interface and Configuration

  • EX4600 switches are unable to commit baseline configuration after zeroization. PR1426341

  • Problem with access to J-Web after updating from Junos OS Release 18.2R2 to 18.2R3. PR1454150

Virtual Chassis

  • Current MAC address might change after deleting one of the multiple Layer 3 interfaces. PR1449206

Documentation Updates

This section lists the errata and changes in Junos OS Release 19.4R3 for the EX Series switches documentation.

Feature Guides Are Renamed As User Guides

  • Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the purpose of the guides. For example, the BGP Feature Guide is now the BGP User Guide. We didn’t change the URLs of the guides, so any existing bookmarks you have will continue to work. To keep the terminology consistent on our documentation product pages, we renamed the Feature Guides section to User Guides. To find documentation for your specific product, check out this link.

Migration, Upgrade, and Downgrade Instructions

This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://support.juniper.net/support/eol/software/junos/.

Release History Table
Release
Description
Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support the Junos Telemetry Interface (JTI).