Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for the QFX Series

 

These release notes accompany Junos OS Release 19.4R3 for the QFX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

Learn about new features introduced in the Junos OS main and maintenance releases for QFX Series switches.

Note

The following QFX Series platforms are supported in Release 19.4R3: QFX5100, QFX5110 (32Q and 48S), QFX5120, QFX5200, QFX5200-32CD, QFX5210, QFX10002, QFX10002-60C, QFX10008, and QFX10016.

Junos on White Box runs on Accton Edgecore AS7816-64X switches in this release. The software is based on Junos OS running on QFX5210 switches, so release-notes items that apply to QFX5210 switches also apply to Junos on White Box.

What's New in Release 19.4R3

There are no new features or enhancements to existing features for QFX Series Junos OS Release 19.4R3.

What's New in Release 19.4R2

Software Defined Networking

  • VMware NSX Data Center for vSphere 6.4.5 and 6.4.6 certification (QFX5100 Virtual Chassis)—Starting with Junos OS Release 19.4R2, Juniper Networks certifies QFX5100 Virtual Chassis as a hardware Virtual Extensible LAN (VXLAN) gateway in an Open vSwitch Database (OVSDB) and VXLAN network with a VMware NSX Data Center for vSphere 6.4.5 or 6.4.6 controller.

    [See OVSDB-VXLAN User Guide for QFX Series Switches (VMware NSX).]

What's New in Release 19.4R1

EVPN

  • Layer 2 and Layer 3 VXLAN gateways (QFX5120-32C switches)—Starting with Junos OS Release 19.4R1, you can deploy QFX5120-32C switches as follows:

    • As a Layer 2 VXLAN gateway, or a Layer 2 and Layer 3 VXLAN gateway in an EVPN overlay network

    • As a Layer 2 VXLAN gateway in an Open vSwitch Database (OVSDB) overlay network

    VXLAN is an overlay technology that allows you to stretch Layer 2 connections over an intervening Layer 3 network by encapsulating (tunneling) Ethernet frames in a VXLAN packet that includes IP addresses. Using VXLANs to connect Layer 2 domains over a Layer 3 network means that you do not need to use the Spanning Tree Protocol (STP) to converge the topology (so no links are blocked) but can use more robust routing protocols in the Layer 3 network instead.

    [See Understanding VXLANs.]

  • EVPN pure type-5 route support (QFX5120-32C switches)—Starting with Junos OS Release 19.4R1, you can configure pure type-5 routing in an EVPN-VXLAN environment. Pure type-5 routing is used when the Layer 2 domain does not exist at the remote data centers. A pure type-5 route advertises the summary IP prefix and includes a BGP extended community called a router MAC, which carries the MAC address of the sending switch and provides next-hop reachability for the prefix. To configure pure type-5 routing, include the ip-prefix-routes advertise direct-nexthop statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level. To enable two-level equal-cost multipath (ECMP) next hops in an EVPN-VXLAN overlay network, you must also include the overlay-ecmp statement at the [edit forwarding-options vxlan-routing] hierarchy level.

    [See ip-prefix-routes.]

  • EVPN control plane and VXLAN data plane support (QFX5120-32C switches)—Starting with Junos OS Release 19.4R1, QFX5120-32C switches support EVPN-VXLAN. By using a Layer 3 IP-based underlay network coupled with an EVPN-VXLAN overlay network, you can place endpoints anywhere in the network and remain connected to the same logical Layer 2 network.

    EVPN-VXLAN is commonly deployed over the following physical underlay architectures:

    • A two-layer IP fabric that includes spine devices (Layer 3 VXLAN gateways) and leaf devices (Layer 2 VXLAN gateways). You can deploy EX4650 and QFX5120 switches as spine or leaf devices in this fabric.

    • A one-layer IP fabric that includes leaf devices that function as both Layer 2 and Layer 3 VXLAN gateways. You can deploy EX4650 and QFX5120 switches as leaf nodes in this fabric.

    [See Understanding EVPN with VXLAN Data Encapsulation.]

  • Dynamic load balancing in an EVPN-VXLAN overlay network (QFX5200 and QFX5210)—In Junos OS Releases before Release 19.4R1, QFX5200 and QFX5210 switches support a static load-balancing scheme based on destination MAC addresses. This scheme distributes traffic on a round-robin basis among virtual tunnel endpoints (VTEPs) in an EVPN-VXLAN overlay network.

    Starting in Junos OS Release 19.4R1, QFX5200 and QFX5210 switches that function as leaf or spine devices in an EVPN-VXLAN overlay network (centrally-routed and edge-routed bridging overlays) support dynamic load balancing among different equal-cost VTEPs. When enabled, the dynamic load-balancing feature supersedes the static load-balancing feature. With the dynamic feature, traffic is hashed among equal-cost paths based on packet fields. We support this feature in the following use cases:

    • A leaf device is multihomed to multiple spine devices.

    • A host is multihomed to multiple leaf devices.

    In both use cases, each multihomed physical, aggregated Ethernet, or logical interface is configured with an Ethernet segment identifier (ESI). Dynamic load balancing supports a maximum of 255 ESIs. If you exceed this maximum (for example, you configure 256 ESIs), traffic destined for the 256th ESI is flooded to the VLAN associated with the ESI.

    The hashing takes place before a packet undergoes VXLAN encapsulation. We use these fields to load-balance traffic:

    • Packets with an IP header:

      • IP header fields:

        • Source IP address

        • Destination IP address

        • Protocol

      • VLAN ID

      • Layer 4 (TCP and UDP) source and destination ports

    • Packets with an MPLS/IP header:

      • Up to three top labels

      • IP header fields:

        • Source IP address

        • Destination IP address

      • Layer 4 (TCP and UDP) source and destination ports

    • Packets with a Layer 2 header only:

      • Source MAC address

      • Destination MAC address

      • VLAN ID

    To enable dynamic load balancing, include the vxlan-overlay-load-balance configuration statement at the [edit forwarding-options] hierarchy level and restart your switch.

    To further control the hashing input used by this feature, include the enhanced-hash-key configuration statement at the [edit forwarding-options] hierarchy level.

  • Assisted replication in data centers with EVPN-VXLAN overlay networks (QFX Series switches)—Starting in Junos OS Release 19.4R1, QFX Series switches support assisted replication (AR) in data centers with EVPN-VXLAN networks to optimize replication of BUM traffic forwarded into the EVPN core. Instead of flooding BUM traffic using ingress replication to multiple remote virtual tunnel endpoints (VTEPs) for a VLAN or virtual network identifier (VNI), devices configured as AR leaf devices (also called AR clients) forward the traffic to an AR replicator device that can better handle the replication load. The AR replicator then replicates and forwards the traffic to the VXLAN overlay tunnels. For further optimization, you can configure AR with IGMP snooping.

    Switches in the QFX10000 line can be AR replicators. Any QFX Series switches that support EVPN-VXLAN can be AR leaf devices.

    [See Assisted Replication Multicast Optimization in EVPN Networks.]

  • Support for EVPN routing policies (ACX5448, EX4600, EX4650, EX9200, MX Series, QFX Series, and vMX)—Starting in Junos OS Release 19.4R1, Junos OS has expanded routing policy support to include the creation and application of policy filters specific to EVPN routes. You can create policies and apply policy filters to import and export EVPN routes at the routing-instance level or at the BGP level. Junos OS supports the following matching criteria for EVPN routes:

    • Route distinguisher ID

    • NLRI route type

    • EVPN Ethernet tag

    • BGP path attributes

    • Ethernet Segment Identifier

    • MAC Address on EVPN route type 2 routes

    • IP address on EVPN route type 2 and EVPN route type 5 routes

    • Extended community

    [See Routing policies for EVPN.]

  • Features supported on EX4650 and QFX5120 switches—Starting with Junos OS Release 19.4R1, the following Junos OS features are supported on EX4650 and QFX5120 switches:

General Routing

  • Optimized BGP peer reestablishment (MX Series, PTX Series, and QFX Series)—Starting with Junos OS Release 19.4R1, BGP peers in different groups can close in parallel. The connect/retry algorithm makes 16 attempts instead of 5 to reestablish BGP peers in the first 256 seconds after they go down. Peers can reestablish while cleanup of the Adj-RIB-In routes is in progress. If a peer comes back up before its route has been deleted from the routing table, that route is not deleted. The DeletePending flag in the show route detail and show route extensive command output indicates that a BGP route needs to be processed. PurgePending, PurgeInProgress, and PurgeImpatient flags in the show bgp neighbor command output show the status of the purge of routing table entries.

    [See Understanding External BGP Peering Sessions, show bgp neighbor, show route detail, and show route extensive.]

Hardware

  • Support for 40-Gbps ports to operate at 10-Gbps or 1-Gbps speed (QFX5200 and QFX5110 switches)—Starting in Junos OS Release 19.4R1, you can use the Mellanox 10-Gbps pluggable adapter (QSFP+ to SFP+ adapter— model number: MAM1Q00A-QSA) to convert quad-lane based ports to a single-lane based SFP+ port. The QSA adapter has the QSFP+ form factor with a receptacle for the SFP+ module. Use the QSA adapter to convert a 40-gigabit port to a 10-Gbps port or a 1-Gbps port .You can then plug-in a 10-Gbps SFP+ transceiver or a 1–Gbps SFP transceiver into the QSA adapter which is inserted into the QSFP or QSFP+ ports of the QFX5200 and QFX5110 switches. [See supported QFX5110 Transceivers and QFX5200 Tranceivers].

Interfaces and Chassis

  • QFX5110 supports JNP-SFPP-10GE-T—Starting in Junos OS Release 19.4R1, QFX5110 switches support the new copper 10GBASE-T SFP+ transceiver (JNP-SFPP-10GE-T), which provides a speed of 10 Gbps. Use the existing show commands such as show chassis pic and show chassis hardware to view the details of the transceivers.

    Note

    In case a device with a different interface speed (that is, 1 Gbps or 100 Mbps) is connected on the other side of the wire, the interface on the Juniper device does not come up.

    [See show chassis pic and show chassis hardware.]

  • Support for dynamic load balancing (QFX5120-32C and QFX5120-48Y)—Starting in Junos OS Release 19.4R1, QFX5120-32C and QFX5120-48Y switches support dynamic load balancing (DLB) for ECMP and LAG. DLB is an enhancement to static load balancing. DLB considers member bandwidth utilization along with packet content for member selection.

    You can use the following DLB modes to load-balance traffic:

    • Flowlet

    • Assigned flow

    • Per-packet

    To configure DLB for ECMP, include the ecmp-dlb statement at the [edit forwarding-options enhanced-hash-key] hierarchy level.

    To configure DLB for LAG, include the dlb statement at the [edit interfaces aex aggregated-ether-options] hierarchy level.

    Note

    You cannot configure both DLB and resilient hashing at the same time. Otherwise, commit error will be thrown.

    [See Understanding Dynamic Load Balancing and Configuring Dynamic Load Balancing.]

  • Support for 10-Gbps speed using JNP-SFP-25G-DAC (QFX5120-48Y)—Starting in Junos OS Release 19.4R1, you can use any of the following JNP-SFP-25G-DAC cables to set 10-Gbps speed on the SFP28 ports of a QFX5120-48Y switch:

    • JNP-SFP-25G-DAC-1M

    • JNP-SFP-25G-DAC-3M

    • JNP-SFP-25G-DAC-5M

    If you've plugged a JNP-SFP-25G-DAC cable into a QFX5120-48Y switch, then the SFP28 ports come up with 10-Gbps speed by default. To configure the SFP28 ports to operate at 25-Gbps speed, you must explicitly configure the speed of the first port in the port group using the set chassis fpc 0 pic 0 port port-num speed 25g command.

    [See Channelizing Interfaces on QFX5120-48Y Switches.]

  • Support for 10-Gbps speed on JNP-SFPP-10GE-T transceiver (QFX5100-48S)—Starting in Junos OS Release 19.4R1, QFX5100-48S switches support JNP-SFPP-10GE-T transceiver. This transceiver supports 10-Gbps speed by default.

Junos OS, XML, API, and Scripting

  • Automation script library upgrades (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, devices running Junos OS that support the Python extensions package include upgraded Python modules. Python scripts can leverage the upgraded versions of the following modules:

    • idna (2.8)

    • jinja2 (2.10.1)

    • jnpr.junos (Junos PyEZ) (2.2.0)

    • lxml (4.3.3)

    • markupsafe (1.1.1)

    • ncclient (0.6.4)

    • packaging (19.0)

    • paho.mqtt (1.4.0)

    • pyasn1 (0.4.5)

    • yaml (PyYAML package) (5.1)

    [See Overview of Python Modules Available on Devices Running Junos OS.]

  • Python 3 support for commit, event, op, and SNMP scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, you can use Python 3 to execute commit, event, op, and SNMP scripts on devices running Junos OS. To use Python 3, configure the language python3 statement at the [edit system scripts] hierarchy level. When you configure the language python3 statement, the device uses Python 3 to execute scripts that support this Python version and uses Python 2.7 to execute scripts that do not support Python 3 in the given release.

    The Python 2.7 end-of-support date is January 1, 2020, and Python 2.7 will be EOL in 2020. The official upgrade path for Python 2.7 is to Python 3. As support for Python 3 is added to devices running Junos OS for the different types of onbox scripts, we recommend that you migrate supported script types from Python 2 to Python 3, because support for Python 2.7 might be removed from devices running Junos OS in the future.

    [See Understanding Python Automation Scripts for Devices Running Junos OS.]

Junos Telemetry Interface

  • JTI and OpenConfig support for VLAN sensors (EX4650, QFX5120)—Junos OS Release 19.4R1 supports the export of VLAN statistics using either Junos telemetry interface (JTI) services or remote procedure call (gRPC) services. You can export statistics at configurable intervals to an outside collector.

    This feature includes OpenConfig support for the data model openconfig-vlan.yang for VLAN configuration version 1.0.2.

    Use the following resource paths in a gRPC or gNMI subscription:

    • /vlans/

    • /vlans/vlan/state/name

    • /vlans/vlan/state/vlan-id

    • /vlans/vlan/state/status

    • /vlans/vlan/members/

    • /vlans/vlan/members/member/interface-ref/state/interface/

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/interface-mode

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/native-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/access-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/switched-vlan/state/trunk-vlan

    • /vlans/vlan/members/member/interface-ref/state/interface/vlan/state/vlan-id

    Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

Layer 2 Features

  • Ethernet ring protection switching (ERPS)(EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1, the EX4650 and QFX5120 support ERPS to reliably achieve carrier-class network requirements for Ethernet topologies forming a closed loop. The ITU-T Recommendation is G.8032 version 1.

    ERPS version 1 comprises the following features:

    • Revertive mode of operation of the Ethernet ring

    • Multiple ring instances on the same interfaces

    • Multiple ring instances on different interfaces

    • Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk groups

    [See Ethernet Ring Protection Switching Overview.]

  • Redundant Trunk Group support (EX4650 and QFX5120)—Starting with Junos OS Release 19.4R1, EX4650 and QFX5120 switches support redundant trunk group (RTG) links.

    [See Redundant Trunk Groups.]

MPLS

  • MPLS scaling enhancements (EX4650 and QFX5120)—Starting in Junos OS Release 19.4R1, MPLS scaling is enhanced on EX4650 and QFX5120 switches. For instance, you can increase the scale from its default 1024 to 8192 on QFX5120 switches. This enhancement optimizes and increases the ingress tunnel scale to address the current needs of data center networks either in IP-CLOS or IP over MPLS application spaces.

    [See Supported MPLS Scaling Values.]

Routing Protocols

  • Integrating RIFT protocol into Junos OS (MX240, MX480, MX960, QFX5100, QFX5110, QFX5120-32C, QFX5120-48Y, QFX5120-48YM, QFX5200, QFX5210, QFX10008, and VMX virtual routers)—Starting in Junos OS Release 19.4R1, you can integrate a new IGP protocol, Routing in Fat Tree (RIFT), into Junos OS to route packets in variants of CLOS-based and fat tree network topologies (also called the spine and leaf model).

    The RIFT protocol is capable of automatic construction of fat-tree topologies, providing you the benefit of having a close to zero necessary configuration. RIFT makes networks resilient, extensively traceable, and simpler to manage, thereby overcoming the deployment limitations of evolving IP fabrics.

    [See RIFT Overview and Set Up.]

Software Defined Networking (SDN)

  • OVSDB support with VMware NSX for vSphere (QFX5120-32C switches)—Starting with Junos OS Release 19.4R1, the Open vSwitch Database (OVSDB) management protocol provides a control plane through which an NSX controller can provision QFX5120-32C switches. In an environment in which NSX Release 6.4.5 or later is deployed, an NSX controller and these switches can exchange control and statistical information, thereby enabling virtual machine (VM) traffic from entities in a virtualized network to be forwarded to entities in a physical network and the reverse.

    The physical underlay network over which OVSDB-VXLAN is commonly deployed is a two-layer IP fabric that includes spine and leaf devices. The spine devices function as Layer 3 VXLAN gateways, and the leaf devices function as Layer 2 VXLAN gateways. You can deploy QFX5120 switches as leaf devices in this fabric.

    [See Understanding the OVSDB Protocol Running on Juniper Networks Devices.]

  • Layer 2 and Layer 3 VXLAN gateways (QFX5120-32C switches)—Starting with Junos OS Release 19.4R1, you can deploy QFX5120-32C switches as follows:

    • As a Layer 2 VXLAN gateway, or a Layer 2 and Layer 3 VXLAN gateway in an EVPN overlay network

    • As a Layer 2 VXLAN gateway in an OVSDB overlay network

    VXLAN is an overlay technology that allows you to stretch Layer 2 connections over an intervening Layer 3 network by encapsulating (tunneling) Ethernet frames in a VXLAN packet that includes IP addresses. Using VXLANs to connect Layer 2 domains over a Layer 3 network means that you do not need to use the Spanning Tree Protocol (STP) to converge the topology (so no links are blocked) but can use more robust routing protocols in the Layer 3 network instead.

    [See Understanding VXLANs.]

  • Map PCE-initiated P2MP LSPs to MVPN (QFX Series)—Starting in Junos OS Release 19.4R1, you can associate a single or range of MVPN multicast flows (S,G) to a dynamically created PCE-initiated point-to-multipoint label-switched path (LSP). You can specify only selective types of flows, which include a route distinguisher (RD), (S,G) address, and LSP name. When the incoming traffic matches the specified flows, it is mapped to the point-to-multipoint PCE-initiated LSP.

    With this feature, you can benefit from reduced configuration as the PCE-initiated point-to-multipoint LSPs are dynamically mapped, thereby eliminating the need to statically enable MVPN and point-to-multipoint LSPs.

    [See Understanding Path Computation Element Protocol for MPLS RSVP-TE with Support for PCE-Initiated Point-to-Multipoint LSPs.]

System Logging

  • Improved intermodule communication between FFP and MGD (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, intermodule communication is improved to enhance software debugging. To enhance error messages with more context, the exit conditions from libraries have been updated as follows:

    • Additional information is now logged for MGD-FFP intermodule communication.

    • Commit errors that previously were only shown onscreen are now logged.

    We provide a new operational command, request debug information, to speed up the initial information-gathering phase of debugging.

    [See request debug information.]

System Management

  • Precision Time Protocol (PTP) transparent clock (QFX5120 and QFX5210)—Starting in Junos OS Release 19.4R1, you can use a transparent clock to update the PTP packets with the residence time as the packets pass through the switch. There is no master/slave designation. The switches support end-to-end transparent clocks, which include only the residence time. The transparent clock can update the residence time in a one-step process, which means it sends the timestamps in one packet.

    To use a transparent clock, enable the e2e-transparent statement at the [edit protocols ptp].

    [See Understanding Transparent Clocks in Precision Time Protocol.]

  • Additional support for Bidirectional Forwarding Detection (QFX5110, QFX5120, QFX5200, and QFX5210)—Starting in Junos OS Release 19.4R1, Bidirectional Forwarding Detection (BFD) can support sessions of less than 1-second intervals. The inline BFD feature needs to be enabled with the set routing-options ppm inline-processing-enable command in order to support sub second BFD timers. Performance might vary depending on the configuration load within the system.

    Note

    IPv4 and standalone BFD sessions, as well as inline single-hop sessions are supported. Micro BFD implementation and logical router support are not supported.

    Note

    You must clear all BFD sessions after applying set routing-options ppm inline-processing-enable.

    [See Understanding Bidirectional Forwarding Detection (BFD). ]

VLAN Infrastructure

  • Support for multiple Q-in-Q tags (QFX10000 switches)—Starting in Junos OS Release 19.4R1, the QFX10000 line of switches support the third and fourth Q-in-Q tags as payload (also known as pass-through tag) along with the existing two tags (for VLAN matching and operations). The QFX10000 switches support multiple Q-in-Q tags for both layer 2 bridging and EVPN-VXLAN cases. The Layer 2 access interfaces accept packets with three or four tags (all tags with the TPID value 0x8100). All the tags beyond the fourth tag (that is, from the fifth tag onward) are considered part of the Layer 3 payload and are forwarded transparently.

    Note

    In a one or two tagged packet, the tags (tag 1 and tag 2) can carry any TPID values (0x8100, 0x88a8, 0x9100, and 0x9200).

    [See Configuring Q-in-Q Tunneling and VLAN Q-in-Q Tunneling and VLAN Translation.]

What's Changed

Learn about what changed in Junos OS main and maintenance releases for QFX Series.

What’s Changed in 19.4R3

Interfaces and Chassis

  • Autonegotiation status displayed correctly (QFX5120-48Y)—In Junos OS Release 19.4R3, the show interfaces interface-name <media> <extensive> command displays the autonegotiation status only for the interface that supports autonegotiation. This is applicable when the switch operates at 1-Gbps speed.

    In the earlier Junos OS releases, incorrect autonegotiation status was displayed even when autonegotiation was disabled.

Juniper Extension Toolkit (JET)

  • Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the error option at the edit system services extension-service traceoptions level hierarchy.

    [See traceoptions (Services).]

Platform and Infrastructures

  • QFX-5120-32C switches support priority-based flow control (PFC) using Differentiated Services code points (DSCP) at Layer 3 for untagged traffic.

Routing Protocols

  • IGMP snooping in EVPN-VXLAN multihoming environments (QFX5110)— In an EVPN-VXLAN multihoming environment on QFX5110 switches, you can now selectively enable IGMP snooping only on those VLANs that might have interested listeners. In earlier releases, you must enable IGMP snooping on all VLANs associated with any configured VXLANs because all the VXLANs share VXLAN tunnel endpoints (VTEPs) between the same multihoming peers and require the same settings. This is no longer a configuration limitation.

  • Advertising 32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—In Junos OS Release, multiple loopback addresses export into lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router-ids instead of prefixes. In earlier Junos OS releases, multiple secondary loopback addresses in TED were added into lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router-id.

What’s Changed in 19.4R2

General Routing

  • Support for full inheritance paths of configuration groups to be built into the database by default (EX Series and QFX Series)—Starting with Junos OS Release 19.4R2, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To disable this option, use no-persist-groups-inheritance.

    [See commit (System).]

  • LLDP ON_CHANGE statistics support with JTI (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series)—Enhanced telemetry ON_CHANGE event support provides the following LLDP attributes: - When LLDP is enabled on interfaces, LLDP interface counters are notified along with other interface-level attributes. - ON_CHANGE event reports LLDP neighbor age and custom TLVs, as well as when a neighbor is initially discovered

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

High Availability (HA) and Resiliency

  • Install or activate the RIFT package to include the request rift package activate-as-top-of-fabric option—Install or activate the RIFT package to include the request rift package activate-as-top-of-fabric option. This option is same as the activate option but it adds additional configuration to act as a top-of-fabric node.

Multicast

  • Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the QFX5000 line of switches)—Starting in Junos OS Release 19.4R2, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier releases, all three values in the Statistics output field for kBps, pps, and packets did not provide valid statistics for multicast traffic at Layer 2.

    [See show multicast snooping route.]

What’s Changed in 19.4R1

General Routing

  • Automatic installation of YANG-based CLI for RIFT protocol (MX Series, QFX Series, and vMX with 64-bit and x86-based servers)—In Rift 1.2 Release, installation of the CLI for RIFT protocol occurs automatically along with the installation of the junos-rift package. In the pre-1.0 releases of the junos-rift package, the RIFT CLI had to be installed separately using request system yang command after installation of the junos-rift package.

High Availability (HA) and Resiliency

  • IPv6 address in the prefix TIEs displayed correctly—The IPv6 address in the prefix TIEs are displayed correctly in the show rift tie output.

Interfaces and Chassis

  • Logical Interface is created along with physical interface by default (EX Series, MX Series, and QFX Series)—Starting in Junos OS Release 19.4R1, logical interfaces are created on ge, et, and xe interfaces along with the physical interface, by default. In earlier Junos OS releases, by default, only physical interfaces are created.

    For example, for ge interfaces, previously when you viewed the show interfaces command, by default, only the physical interface (ge-0/0/0), was displayed. Now, the logical interface (ge-0/0/0.16386) is also displayed.

Management

  • entPhysicalTable fetched on QFX10002—In Junos OS Release 19.4R1, the MIB data for entPhysicalTable will be fetched on a QFX10002-72Q or QFX10002-36Q switch.

    [See SNMP Explorer.]

Routing Protocols

  • XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.4R1, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc CLI command. In Junos OS releases before Release 19.4R1, the show bgp output-scheduler | display xml rpc CLI command does not have an XML RPC equivalent.

    [See show bgp output-scheduler.]

Software Defined Networking (SDN)

  • Increase in the maximum value of delegation-cleanup-timeout (QFX Series)—You can now configure a maximum of 2147483647 seconds as the delegation cleanup time for a Path Computation Client (PCC). This extends the time taken by the PCC to retain the last provided path over a PCEP session from the last session down time.

    With the increase in maximum value of delegation-cleanup-timeout from 600 to 2147483647 seconds, you can benefit during a Path Computation Element (PCE) failover, or other network issues that may disrupt the PCEP session with the main active stateful PCE.

    [See delegation-cleanup-timeout.]

Known Limitations

Learn about known limitations in Junos OS Release 19.4R3 for QFX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Layer 2 Features

  • The targeted-broadcast forward-only command does not broadcast the traffic. PR1359031

  • On the QFX5000 line of switches, the following error message is reported in the log: fpc0 Pools exhausted for Table:EGR_DVP_ATTRIBUTE_1. PR1479826

Layer 2 Ethernet Services

  • The LACP force-up and EVPN core isolation features are not supported together. PR1461581

Network Management and Monitoring

  • The number of possible output interfaces in remote port mirroring varies among the various switches in the QFX5000 line of switches:

    • QFX5110, QFX5120, and QFX5210—Support a maximum of 4 output interfaces.

    • QFX5100 and QFX5200—Support a maximum of 3 output interfaces.

Platform and Infrastructure

  • The IPv6 transit statistics counter does not work. PR1327811

  • After configuring and deleting the Ethernet loopback configuration, the interface goes down and does not come up. PR1353734

  • Traffic loss occurs in the BGP streams while triggering GRES and reboot with the base configuration. PR1508133

  • On the QFX10000 line of switches, the analyzer does not mirror after adding the child member to an aggregated Ethernet interface. PR1417694

  • VLAN does not get deleted in the hardware on IRB when disabled earlier, which causes ARP to refresh even though IRB is disabled. PR1421382

  • On the QFX5110-32Q line of switches, when the ports 0—23 are channelized as 4x10-Gigabit Ethernet in the default system mode, all the ports do not work. PR1438319

  • On the QFX5100 Virtual Chassis, the following error message is observed while issuing commit: could not open configuration database (juniper.data+). PR1452154

  • On the QFX5120 line of switches, one of the VCP ports of the throughput test result for most of the frame sizes is not close to 100 percent. PR1453709

  • One hundred percent Layer 2 MAC scaling traffic loss in the QFX10002-60C switch is observed after loading the EVPN-VXLAN collapsed profile configurations. PR1489753

  • Vmcore is observed after the Virtual Chassis splits event. PR1498485

  • Output interface index in sFLOW packet are zero when transit traffic are observed on the IRB interface with VRRP enabled. PR1521732

Routing Protocols

  • On the QFX5000 line of switches, the targeted broadcast functionality with VXLAN is not supported. PR1397086

Open Issues

Learn about open issues in Junos OS Release 19.4R3 for QFX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

EVPN

  • The OVSDB-managed QFX5100 or QFX5110 line of switches encapsulates the VXLAN traffic and sends the traffic to the incorrect destination MAC address when multiple remote VTEPs are in the same subnet and reach through the IRB interface in a stretched VLAN. PR1424698

Infrastructure

  • The following error message is seen during FTP: ftpd[14105]: bl_init: connect failed for /var/run/blacklistd.sock(No such file or directory). PR1315605

  • OID ifOutDiscards reports zero and sometimes displays valid value. PR1522561

Interfaces and Chassis

  • On the QFX5110 MC-LAG, flooding of the multicast packets for around 16—20 seconds is observed after disabling and enabling a member link of ICL after reboot. PR1422473

  • The ARP reply unicast packets might be flooded to all the interfaces in VLAN. PR1454764

Junos Fusion Provider Edge

  • The IGMP membership do not get learned by the AD fully even when the IGMP queries are been sent out. PR1419265

Layer 2 Features

  • On the QFX5000 Virtual Chassis, multicast traffic gets flooded even when the IGMP report times out. PR1431893

MPLS

  • The src_address of the lsp is reset to 0 when lsp goes down and the from address is not configured. PR1503030

Platform and Infrastructure

  • The backup Routing Engine might crash after continuous GRES for more than 10 times. PR1348806

  • On the QFX10000 line of switches, the Aruba wireless access point (AP) heartbeat packets are dropped. As a result, the Aruba wireless AP does not work. PR1352805

  • On the QFX5120-48Y line of switches, the filter action to change VLAN does not work. PR1362609

  • It is not possible to stop the ZTP bootstrap process when a QFX10016 or QFX10008 switches with many line cards is powered on with the factory-default configuration. PR1369959

  • USB upgrade of NOS image is not supported. PR1373900

  • With MLD-snooping enabled with two receivers in the same VLAN interested in the same group address but from a different source, traffic is received only on one receiver that sends the latest MLD report. This is because we do not install S, G routes in the hardware when MLD-snooping is enabled. PR1386440

  • On Junos OS Release 18.4R1, intermittent traffic loss is observed with the RTG streams while flapping the RTG primary interface. PR1388082

  • Subscriber bindings might not be successful. PR1396470

  • Some interfaces of the aggregated Ethernet interface bundle might go to the Detached state after changing configurations in bulk. PR1406691

  • uRPF in the Strict mode does not work. PR1417546

  • The libvirtMib_suba process generates a core file during installation. PR1419536

  • The LLDP frames received on the QFX5210 management em0 port might not be displayed in the show LLDP operational queries command. Other non-em0 interfaces display statistics. PR1426753

  • The l2ald memory leakage is observed when the VTEP or overlay BGP session flaps. PR1435561

  • On the QFX5200 line of switches, the ISSU might fail. PR1438690

  • On the QFX5000 line of switches, the port qualifier must be added. PR1440980

  • Routing Engine-generated jumbo frames might be dropped. PR1444963

  • On the QFX10000 line of switches, removal of the EVPN-VXLAN Layer 3 gateway on the IRB interface from the spine switches might cause traffic to be silently discarded. PR1446291

  • On the QFX5000 line of switches, misleading ISSU logs are printed during the NSSU process even when the switch does not perform ISSU. PR1451375

  • Interface still sends mirrored traffic out even after it is removed from the output VLAN. PR1452459

  • On the QFX5120 line of switches, one of the VCP ports of the throughput test result for most of the frame sizes is not close to 100 percent. PR1453709

  • On the QFX5200-32C-32Q line of switches, vmcore occurs after upgrading from Junos OS Release 18.3 throttle image to Junos OS Release 19.3R1 at ...../.amd/svl-engdata1vs1/occamdev/build/freebsd/stable_11/20190614.234225 __ci_fbsd_builder_stable_11.0.269d466/src/sys/kern/kern_shutdown.c:313. PR1455851

  • On the QFX5000 and QFX10000 line of switches, 9.51 percent of degradation with commit time and 12 percent of degradation with VLAN commit convergence are observed while comparing 19.4DCB with 19.3DCB. PR1457939

  • The show dynamic-tunnels database command does not show IPv6 mapped next hop flag for the 6 PE device routes that have labels. It is just a display issue. PR1458634

  • On the QFX5110 line of switches, the VXLAN VNI (mcast) scaling causes traffic issue. PR1462548

  • On the QFX5110 line of switches, the libvirtMib_suba process might generate a core file after an image upgrades from Junos OS Release 17.3R3-S5.2 to Junos OS Release 17.3R3-S6.3. PR1462725

  • The show interfaces xe-a/b/c statement on a disabled or enabled configuration change displays fiber intermittently. PR1467509

  • If a system has 1000 BGP-V4 VRF (120,000 routes) + 700 OSPF-V2 VRF (70,000 routes) + 300 P2P IS-IS V4 VRF (30,000 routes) (nearly 220000 hardware routes), then the deletion or reading of the VRF configurations might cause all the BGP sessions to go in the Down state. PR1469881

  • Interfaces are not detected on some of the ports when the 25-Gigabit Ethernet SFP is swapped and 10-Gigabit Ethernet SFP is inserted. PR1475574

  • Vmcore is observed after the Virtual Chassis splits event. PR1498485

  • The Packet Forwarding Engine gets stuck in the Init state for one or two members with the TCP connection timeout error. PR1503655

  • The archival function might fail in certain conditions. PR1507044

  • On the QFX5000 line of switches, multicast traffic loss is observed due to few multicast routes missing in the spine node. PR1510794

  • The BFD sessions might flap continuously after disruptive switchover followed by GRES switchover. PR1518106

  • In configurations with IRB interfaces, during times of the interface deletion (for example, fcp reboot), the Packet Forwarding Engine might log the following error: nh_ucast_change:291Referenced l2ifl not found.

    This condition should be transient with the system reconverging on the expected state. PR1054798

  • High rate of ARP or NS packets might be observed between a device that runs Junos OS and host when the device that runs Junos OS receives an ARP or NS packet on an interface in transition. PR1534796

  • Traffic loss is observed when multicast over GRE is configured. PR1536886

  • The show pfe filter hw filter-name does not retrieve the Packet Forwarding Engine program. PR1495712

Routing Protocols

  • On the QFX-5100 Virtual Chassis or Virtual Chassis Fan, the following error is observed in the hardware with the mini-PDT base configurations: BRCM_NH-,brcm_nh_bdvlan_ucast_uninstall(), 128:l3 nh 6594 unintsall failed. PR1407175

  • The BGP session might go to the Down state after the traffic flow starts. PR1431259

  • On the QFX5110 MC-LAG, the following error message is observed after the node reboots: L2_L3_INTF_OPS_ERROR. PR1435314

  • The VRF traffic loss on the mini-PDT based configurations occurs when you perform ISSU. PR1449581

  • The IGMP snooping on the QFX5110 and QFX5120 leaf devices might cause multicast packets to loop in the multihomed scenario. PR1457725

  • On the QFX 5100-48T-6Q Virtual Chassis or Virtual Chassis fan, the following error message is observed while copying image to the Virtual Chassis fan member and trying to downgrade the image: rcp for member 14, failed. PR1486632

  • In the QFX5000 Virtual Chassis, the IRBs are not reachable after the Virtual Chassis master reboots. PR1497098

  • Traffic loss is observed in the BGP streams while triggering GRES and rebooting with the base configuration. PR1508133

  • The remaining BFD sessions of the aggregated Ethernet interface flap continuously if one of the BFD sessions is deleted. PR1516556

Virtual Chassis

  • On the QFX5110-48S line of switches, false positive parity error message is observed: _soc_mem_array_sbusdma_read. PR1276970

  • On the QFX5000 Virtual Chassis, the DDoS violations that occur on the backup Routing Engine are not reported to the Routing Engine. PR1490552

Resolved Issues

Learn which issues were resolved in Junos OS main and maintenance releases for QFX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper online Junos Problem Report Search application.

Resolved Issues: 19.4R3

Class of Service (CoS)

  • PFC feature is not supported with QFX5120 Virtual Chassis due to chip limitation. PR1431895

  • Traffic might be forwarded to the wrong queue when a fixed classifier is used. PR1510365

EVPN

  • EVPN-VXLAN core isolation does not work when the system is rebooted or the routing is restarted. PR1461795

  • The l2ald memory leakage might be observed in any EVPN scenario. PR1498023

  • The VXLAN function might be broken due to a timing issue. PR1502357

  • Unable to create a new VTEP interface. PR1520078

  • In the EVPN-VXLAN scenario, the l2ald process might crash in a rare condition. PR1501117

Interfaces and Chassis

  • Traffic might get dropped because next hop points to ICL even after the local MC-LAG is up. PR1486919

  • MC-LAG consistency check fails if multiple IRB units are configured with same VRRP group. PR1488681

Layer 2 Features

  • On the QFX5120 line of switches, the MAC learning might not work correctly. PR1441186

  • On the QFX5120 line of switches, the third VLAN tag does not get pushed onto the stack. Instead, it gets swapped. PR1469149

  • On the QFX5200 line of switches, the MAC learning rate is degraded by 88 percent. PR1494072

  • The fpc goes down when 100-Gigabit Ethernet link comes up on the QFX5110-48S switch. PR1499422

  • The MAC address in the hardware table might become out of synchronization between the master and member in Virtual Chassis after the MAC flaps. PR1521324

  • On the QFX5000 line of switches, traffic imbalance might be observed if hash-params is not configured. PR1514793

Layer 2 Ethernet Services

  • The MC-LAG might become down after disabling and then enabling the force-up. PR1500758

  • The aggregated Ethernet interface sometimes might not come up after switch is rebooted. PR1505523

Platform and Infrastructure

  • Traceroute monitor with MTR version v.69 shows a false 10 percent loss. PR1493824

  • The RIB installation or deletion time consumption is reduced. PR1421250

  • SFP-LX10 stays down until autonegotiate is disabled. PR1423201

  • The PMTUD might not work for both IPv4 and IPv6 if the ingress Layer 3 interface is an IRB. PR1442587

  • On the QFX5100 line of switches, the interface output counter is double counted for the self-generated traffic. PR1462748

  • The sFlow does not work correctly if the received traffic goes out of more than one interface. PR1475082

  • Egress port mirroring might not work when the analyzer port and mirrored port belong to a different FPC. PR1477956

  • The dcpfe process might generate a core file with the non-oversubscribed mode after the SDK upgrades. PR1485854

  • On the QFX5120 Virtual Chassis, the output of the show chassis alarm command displays incorrect PEM status after multiple GRES events. PR1486736

  • On the QFX5100 line of switches, if more than one UDF filter or term is configured, then only the first filter or term is programmed in the hardware. This is due to the SDK 6.5.16 upgrade. PR1487679

  • The queue statistics are not as expected after configuring the IFD and logical interface shaping with the transmit rate and scheduler-map PR1488935

  • In the QFX5120 line of switches, the SNMP polling for the CPU utilization and state of the breakup-Routing Engine does not show in the two member Virtual Chassis. PR1495384

  • ARP might not get refreshed after timeout. PR1497209

  • Virtual Chassis is not stable with 100-Gigabit Ethernet and 40-Gigabit Ethernet interfaces. PR1497563

  • Outbound SSH connection flap or memory leak issue might be observed when pushing configuration to the ephemeral database with high rate. PR1497575

  • On the QFX5210-64C line of switches, the lcmd process generates a core file. PR1497947

  • Traffic might get dropped if the aggregated Ethernet member interface is deleted or added, or a SFP of the aggregated Ethernet member interface is unplugged or plugged PR1497993

  • On the QFX5210 line of switches, unexpected behavior of the port LEDs lights is observed after the upgrade. PR1498175

  • Inter and Intra VNI or VRF traffic is dropped between the CE devices when the interfaces connected between the TOR and multihomed PE devices are disabled. PR1498863

  • On the QFX5100 and QFX5110 line of switches, the firewall filter might not get applied. PR1499647

  • The BFD sessions flap after deactivating or activating the aggregated Ethernet interface or executing GRES. PR1500798

  • On the QFX5000 line of switches, ERPS might not work correctly. PR1500825

  • The interface becomes physically down after changing to the FEC-none mode. PR1502959

  • LLDP is not acquired when native-vlan-id and tagged VLAN-ID are the same on a port. PR1504354

  • The l2cpd crash might be seen if the ERP configuration is added or removed, and l2cpd is restarted. PR1505710

  • On the QFX10002, QFX10008, and QFX10016 line of switches, on the interfaces that maps to the hardware stream 0, if the enhanced transmission selection (ETS) in Junos OS implementation is the hierarchical port scheduling configurations, changed while a high rate traffic flows, the chip might be wedged, thus no traffic flow is seen. PR1509220

  • The ARP replies might be flooded through the EVPN-VXLAN network as an unknown unicast ARP reply. PR1510329

  • The output VLAN push might not work. PR1510629

  • In the VXLAN configuration, the firewall filters might not be loaded into the TCAM with the following message due to TCAM overflow after upgrading to Releases 18.1R3-S1, 18.2R1, and later : DFWE ERROR DFW: Cannot program filter. PR1514710

  • The route update might fail upon HMC memory issue and traffic impact might be seen. PR1515092

  • The MAC learning might not work properly after multiple MTU changes on the access port in the VXLAN scenario. PR1516653

  • The vgd process might generate a core file when the OVSDB server restarts. PR1518807

  • Traffic forwarding might be affected when adding, removing, or modifying the VLAN or VNI configurations such as VLAN-ID, VNI-ID, and Ingress-Replication command. PR1519019

  • On the QFX10002, QFX10008, and QFX10016 line of switches, the following error message is observed during specific steps while clearing and loading the scaled configuration again: PRDS_SLU_SAL:jprds_slu_sal_update_lrncnt(),1379: jprds_slu_sal_update_lrncnt call failed. PR1522852

  • On the QFX10002-60C line of switches, when the sFLOW adaptive-sampling with rate limiter command is enabled, sampling crosses the sample rate 65535. PR1525589

  • Packet loss is observed while validating the policer after restarting the chassis control. PR1531095

  • The DMA failure errors might be seen when the cache is full or flushes. PR1504856

  • The 100-Gigabit Ethernet AOC non-breakout port might be auto-channelized to other speed. PR1515487

  • The Kernel Routing Table (KRT) queue gets stuck after the J-Flow samples a malformed packet. PR1495788

  • On the QFX5100 switch, the request-pfe-execute command takes more than 5 seconds to receive a reply in Junos OS Release 18.4. PR1498092

  • The dcpfe process might crash due to memory leakage issue. PR1517030

Routing Protocols

  • The FPC process goes to the NotPresent state after upgrading the QFX5100 Virtual Chassis or Virtual Chassis Fan. PR1485612

  • The BGP route-target family might prevent the route reflector from reflecting the Layer 2 and Layer 3 VPN routes. PR1492743

  • The rpd process generates core file at rt_nh_resolve_add_gen in ../../../../../../../../src/junos/usr.sbin/rpd/lib/rt/rt_resolve_ind.c: with the evpn-dhcp configurations. PR1494005

  • Firewall filter doesnot work in certain conditions under the Virtual Chassis setup. PR1497133

  • Traffic drop might be observed after modifying the FBF firewall filter. PR1499918

  • On the QFX5000 line of switches, the fxpc process might crash. PR1512825

  • Scale of filters with the egress-to-ingress command is enabled. PR1514570

  • On the QFX5000 line of switches, the fxpc process might crash if the VXLAN interface flaps. PR1528490

  • High CPU load is observed due to specific Layer 2 frames being received in the EVPN-VXLAN deployment. PR1495890

  • The rpd process might report full CPU usage with the BGP route being damped. PR1514635

User Interface and Configuration

  • The version information under the configuration changes starting with Junos OS Release 19.1. PR1457602

Resolved Issues: 19.4R2

Class of Service (CoS)

  • Shaping does not work after the reboot if shaping-rate is configured. PR1432078

  • The traffic is placed in the network-control queue on an extended port even if the traffic comes in with a different DSCP marking. PR1433252

  • On the QFX5120-32C line of switches, when you move the unicast traffic to the multicast queue through the MF classifer, the show interface queue <> does not display any statistics. PR1459281

EVPN

  • The ESI of the IRB interfaces does not get updated after the autonomous-system number change if the interface is down. PR1482790

Forwarding and Sampling

  • The type 1 ESI/AD route might not be generated locally on the EVPN PE devices in the all-active mode. PR1464778

High Availability (HA) and Resiliency

  • On the QFX5000 line of switches, ISSU is not supported for some versions. PR1472183

Interfaces and Chassis

  • Executing commit might not work due to dcd process being nonresponsive. PR1470622

  • Commit error is not thrown when the member link is added to the multiple aggregation group with different interface specific options. PR1475634

  • Error message does not get generated while verifying the GRE limitation. PR1495543

Junos Fusion Enterprise

  • Loop detection might not work on the extended ports. PR1460209

Layer 2 Features

  • The LLDP function might fail when a device running Junos OS connects to a device that does not run Junos OS. PR1462171

  • The FPC goes down when 100-Gigabits Ethernet link comes up on the QFX5110-48S switch. PR1499422

  • On the QFX5000 line of switches, few MAC addresses might be missing from the MAC table in the software. PR1467466

  • Ingress traffic might silently discard traffic if the underlying interfaces flap in the EVPN-VXLAN scenario. PR1469596

  • Traffic might get affected if the composite next-hop is enabled. PR1474142

Layer 2 Ethernet Services

  • The relay-source command is now applicable for the forward-only subscribers. PR1455076

  • Member links state might be asychronized on the connection between the PE devices and the CE devices in the EVPN A/A scenario. PR1463791

  • When the wired DHCPv6 clients changes VLAN and an existing DHCPv6 relay binding exists on another VLAN, the DHCPv6 confirm packets from the client might not get processed correctly on the relay resulting in connectivity issues. PR1496220

MPLS

  • On the QFX10002 line of switches, the show mpls static-lsp | display xml command produces invalid XML. PR1469378

  • Traffic might be silently discarded on the PE devices when the CE devices send traffic to the PE devices and the destination is resolved with two LSPs through one upstream interface. PR1475395

  • The traffic might get lost over the QFX5100 switch acting as a transit PHP node in the MPLS network. PR1477301

  • The BGP session might keep flapping between two directly connected BGP peers because of the wrong TCP-MSS in use. PR1493431

Platform and Infrastructures

  • On the QFX5100 Virtual Chassis, the following error message is observed: MacDrainTimeOut and bcm_port_update failed: Internal error. PR1284590

  • The system might stop new MAC learning and impact the Layer 2 traffic forwarding. PR1475005

  • On the QFX5120 switch under the MC-LAG scenario, traffic loss are observed. PR1494507

  • FPC major error is observed after system boots up or FPC restarts. PR1475851

  • The following error message is generated while booting: CMQFX: Error requesting SET BOOLEAN, illegal setting 66. PR1385954

  • On the QFX5000 line of switches, the show chassis errors active detail command is not supported. PR1386255

  • The 10-Gigabit Ethernet fiber interfaces might flap frequently when connected to a switch from another vendor. PR1409448

  • The show interface command output indicates Media type: Fiber on the QFX5100-48T switch running the QFX 5E Series image. PR1419732

  • The CoS rewrite rules applied under an aggregated Ethernet interface might not take effect after NSSU. PR1430173

  • The l2cpd process might crash and generate a core file when the interfaces flap. PR1431355

  • The default logical interface on the channelized IFD might not get created after ISSU or ISSR. PR1439358

  • CRC error might be seen on the VCPs of the QFX5100 Virtual Chassis. PR1449406

  • The em0 route might be rejected after the em0 interface is disabled and then enabled. PR1449897

  • FPC does not restart immediately after the system reboot that causes packet loss. PR1449977

  • On the QFX10000 line of switches, the CoS classification does not work. PR1450265

  • On the QFX5000 line of switches, when a dual VLAN tag feature is configured on the physical interface that is not supported, no warning or error message is displayed. PR1450455

  • Members might stay disconnected from the QFX5120-32C/QFX5120-48T Virtual Chassis after a full-stack reboot. PR1453399

  • Changing the VLAN name associated with the access ports might prevent the MAC addresses from being learned under the EVPN-VXLAN scenario. PR1454095

  • Master FPC might come up in the Master state again after the reboot instead of backup. PR1454343

  • On the QFX5000 line of switches, the dcpfe process crashes due to the usage of data that is not null getting terminated. PR1454527

  • In a 16+ member QFX5100 Virtual Chassis fan, the FROM column under the output of the show system users output reports feb0, feb1, feb2, or feb3 for FPC16, FPC17, FPC18, or FPC19, respectively. PR1455201

  • On the QFX10000 line of switches, the PFC feature does not work. PR1455309

  • The cosd process might crash if forwarding-class-set is directly applied on the child interface of an aggregated Ethernet interface. PR1455357

  • The telemetry traffic might not be sent out when the telemetry server is reachable through a different routing-instance. PR1456282

  • Link up delay and traffic drop might be observed on the mixed SP Layer 2 or Layer 3, and EP Layer 2 type configurations. PR1456336

  • The QFX5110 QSFP-100GBASE-SR4 switch made by Avago cannot link up. PR1457266

  • On the QFX10000 line of switches, the Packet Forwarding Engine might crash after the Routing Engine switchover. PR1457414

  • In the QFX5110 line of switches, port 51 has one LED blinking amber. PR1457516

  • On the QFX5000 line of switches, the accept-source-mac feature with VXLAN does not work. PR1460885

  • On the QFX10000 line of switches, show forwarding-options enhanced-hash-key does not work. PR1462519

  • On the QFX5000 line of switches, the fxpc process might generate a core file when you change MTU in a VXLAN scenario with firewall filters applied. PR1462594

  • On the QFX10000 line of switches, the FPC process might restart during run-time. PR1464119

  • A 10-Gigabit Ethernet interface might not come up on the QFX5100-48T switches or negotiate at speed 1-Gigabit Ethernet when connected with Broadcom 57800-T daughter card. PR1465196

  • Starting from Junos OS Release 19.2R2, the PSU numbering on AS7816-64X platform has changed from 0->1 and 1->0 and the fan numbering has changed from 0,1,2,3->3,2,1,0. PR1465327

  • On the QFX10000 line of switches, the EBUF parity interrupt is not observed. PR1466532

  • On the QFX10000 line of switches, the EPR iCRC errors might cause protocols to go down. PR1466810

  • The DHCPvX acknowledgment message does not receive a response to the Broadcast inform packets in Junos OS Release 19.1R2.3. PR1467182

  • Ingress drops must be included at the CLI command from the interface statistics and added to the InDiscards. PR1468033

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

  • MAC address might not be learned on a new extended port after VMotion in Junos fusion for data center environment. PR1468732

  • If continuous interface flap occur at ingress or egress of the PE devices, the IP routed packets might get looped on the MPLS PHP node. PR1469998

  • Incorrect counter value is observed for the arrival rate and the peak rate for the DDoS commands. PR1470385

  • The speed 10m might not be configured on the ge- interface. PR1471216

  • When the VTEP source interface is configured in the multiple routing instances, there might be traffic loss. PR1471465

  • On the QFX5000 line of switches, the egress ACL filter entries is only 512 in Junos OS Release 19.4R1. PR1472206

  • The shaping of CoS does not work after reboot. PR1472223

  • The detached interface in LAG might process the xSTP BPDUs. PR1473313

  • The l2ald crash might be observed when around 16,000 VLAN-IDs share the same VXLAN tunnel and the Packet Forwarding Engine is rebooted. PR1473521

  • The RIPv2 packets forwarded across a Layer 2 circuit connection might get dropped. PR1473685

  • On the QFX5000 line of switches in the EVPN-VXLAN scenario, continuous error log messages might be raised. PR1474545

  • On the QFX5000 line of switches, the Layer 2 circuit might fail to communicate through VLAN 2. PR1474935

  • On the QFX5200 line of switches, the DAC cables are not being properly detected in the Packet Forwarding Engine in Junos OS Release 18.4R2-S2.4. PR1475249

  • There might be traffic drop on the QFX5110 or QFX5120 line of switches acting as a leaf switch in a multicast environment with VXLAN. PR1475430

  • The QFX Series platforms exhibit invalid Packet Forwarding Engine PG counter pairs to copy src 0xfffff80, dst 0. PR1476829

  • On the QFX10002-36Q/72Q switches, the following continuous error messages are logged on the device on getting adoption valid bit[8] asserted: prds_ptc_wait_adoption_status: PECHIP[1] PTC[1]: timeout. PR1477192

  • The default Virtual Chassis MAC persistence timer is incorrectly set to 20 seconds instead of 20 minutes. PR1478905

  • The remaining interface might be still in the Down state even though the number of channelized interfaces is no more than 5. PR1480480

  • The ARP request packets for an unknown host might get dropped in the remote PE device in the EVPN-VXLAN scenario. PR1480776

  • VLAN creation failure might be observed with the scaled VLAN and Layer 3 configuration. PR1484964

  • On the QFX5120 Virtual Chassis, the output of the show chassis alarm command displays incorrect PEM status after multiple GRES events. PR1486736

  • After ISSU or ISSR, a port using SR4 or LR4 optics might not come up. PR1490799

  • The BFD sessions start to flap when the firewall filter in the loopback0 is changed. PR1491575

  • The SLAX script might get lost after upgrading the software. PR1479803

Routing Protocols

  • The OSPF VRF sessions take a long time to come up when the host table is full and the host routes are in the LPM table. PR1358289

  • On the QFX5110 Virtual Chassis peers, invalid VRRP mastership election is observed. PR1367439

  • On the QFX5100 line of switches, the BGP IPv4 or IPv6 convergence and the RIB installation or deletion time is reduced in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

  • PIM (S,G) joins might cause MSDP to incorrectly announce source active messages in some cases. PR1443713

  • On the QFX5100 Virtual Chassiss, the CRC errors might be observed. PR1444845

  • Core files might get generated during the addition or removal of the EVPN type-5 routing instance. PR1455547

  • The following error message is observed after the ISSU with Mini-PDT base configurations: Error brcm_ipmc_route_counter_delete:3900Multicast stat destroy failed (-10:Operation still running). PR1460791

  • The mcsnoopd crash might be seen if one of the BD/VLANs is configured as a part of EVPN and has static or dynamic multicast router interfaces. PR1468737

  • Flows do not fall back to a single link when the inactivity-interval is set higher than the IFG. PR1471729

  • Traffic might not be forwarded over the ECMP link in the EVPN-VXLAN scenario. PR1475819

  • ARP packets are always sent to CPU regardless of whether the storm-control is activated. PR1476708

  • GRE transit traffic does not forward in the VRRP scenario. PR1477073

  • The MUX state in the LACP interface does not go to the Collecting and Distributing state and remains in the Attached state after enabling the aggregated Ethernet interface. PR1484523

  • The FPC process goes to the NotPrsnt state after upgrading the QFX5100 VC/VCF switch. PR1485612

Resolved Issues: 19.4R1

Class of Service (CoS)

  • QFX10008: FPC0 generated core files after running the Packet Forwarding Engine command show cos sched-usage. PR1449645

  • The show cos scheds-per-pfe, show cos pfe-scheduler-ifds ,and pfe commands will restart forwarding planes on QFX10008 switches. PR1452013

EVPN

  • Asynchronous result between ARP table and Ethernet switching table happens if EVPN ESI link flaps multiple times. PR1435306

  • When using no-arp-suppression , an ARP request might not be sent out when an ARP entry aged out. PR1441464

  • ARP and IPv6 neighbor entries cannot be cleared when they are learned from EVPN multihomed ESI. PR1446957

  • EVPN-VXLAN NON-COLLAPSED: ARP will get resolved on QFX5100 for VXLAN having vlan-id of 2. PR1453865

  • ARP request/NS might be sent back to the local segment by DF router. PR1459830

Forwarding and Sampling

  • Commit error and dfwd core files might be observed when applying a firewall filter with action then traffic-class or then dscp. PR1452435

Interfaces and Chassis

  • VRRPv6 state is flapping with init and idle states after configuring vlan-tagging. PR1445370

  • On QFX10000 ARP entries might not be synchronized between MC-LAG devices. PR1449806

  • The traffic might be forwarded to the incorrect interfaces in MC-LAG scenario. PR1465077

  • Vrrpv3mibs are not working on QFX Series platform to poll VRRPv6 related objects. PR1467649

Layer 2 Features

  • Storm control configuration might be disabled for the interface. PR1354889

  • Packet loss might be seen when one of the spine switches fails or reboots. PR1421672

  • Ethernet ring protection switching (ERPS) nodes might not converge to IDLE state after failure recovery or reboot. PR1431262

  • EVPN-VXLAN NON-COLLAPSED: JTASK and multimove depth failed errors are seen after HALT. PR1434687

  • The MAC/ARP learning might not work for copper base SFP-T on QFX5100/QFX5110/EX4600. PR1437577

  • The traffic leaving QFX5000 and EX46000 switches might not be properly load-balanced over ae interfaces. PR1448488

  • Unequal LAG hashing might happen on QFX devices. PR1455161

  • The fxpc.core file might be seen when committing the configuration all together, for example, after the reboot. PR1467763

MPLS

  • The l2circuit traffic might be silently dropped at EVPN SPINE/MPLS LSP TRANSIT device if VXLAN access interface flaps on remote PE node (QFX5110). PR1435504

  • Packet loss might occur when ECMP resilient-hash is enabled on QFX5000 platforms. PR1442033

Platform and Infrastructure

  • QFX5100-VC MacDrainTimeOut and bcm_port_update failed: Internal error. PR1284590

  • On QFX5100 platforms, LR4 QSFP can take up to 15 minutes to come up after Virtual Chassis reboot. PR1337340

  • When powering off an individual FPC, the other FPC Packet Forwarding Engine might go offline too. PR1344395

  • Mib2d core file in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing up base traffic profile. PR1354452

  • Need new CLI command to enable copying of Open vSwitch Database (OVSDB) to RAM on Virtual Chassis backup Routing Engine instead of SSD. PR1382522

  • FEC error counts are not updating for QFX5110. PR1382803

  • QSFP-100GBASE-SR4/LR4 might take a long time to come up after disabling interface or reboot. PR1402127

  • Ping over loopback might not work over type 5 tunnel on QFX10000 platforms. PR1405786

  • QFX5200/5100 might not be able to send out control plane traffic to the peering device. PR1406242

  • No inner VLAN tag is added even with input-vlan-map push configured on QFX10000 platforms. PR1407347

  • The optic comes with Tx enabled by default. As the port is administratively disabled, the port is stopped but as the port has not been started, it does not disable Tx. PR1411015

  • QFX5120 : Route table full for IPv6 routes in some scenarios. PR1412873

  • Intermittently chassis alarms might not be raised after power-cycle of the device. PR1413981

  • IPv6 multicast traffic received on one Virtual Chassis member might be dropped when egressing on other Virtual Chassis member if MLD snooping is enabled. PR1423310

  • Ports might get incorrectly channelized if they are 10-Gigabit Ethernet already and they are channelized to 10-Gigabit Ethernet again. PR1423496

  • On QFX5000 or QFX10000 switches, packet drops might be seen for the traffic that has to go over type-5 overlay tunnel. PR1423928

  • The dcpfe/Packet Forwarding Engine might not start on AS7816-64X and QFX5000 TVP platform devices. PR1426737

  • QFX5210: Received LLDP frames on em0 not displaying in LLDP neighbor output. PR1426753

  • QFX5100-VCF - rollback for uncommitted configuration takes 1 hour. PR1427632

  • Packet drops, replication failure, or ksyncd crashes might be seen on the logical system of a device running Junos OS after Routing Engine switchover. PR1427842

  • The dcpfe process might crash and restart in MC-LAG scenario when the ARP/NDP next hop is changed. PR1427994

  • The global-mac-limit and global-mac-ip-limit might allow more entries than the configured values. PR1428572

  • [QFX10008] After Routing Engine switchover, LED status is not set for missing fan tray. PR1429309

  • The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

  • The dcpfe might crash on all line cards on QFX10000 in a scaled setup. PR1431735

  • The FPC might crash when a firewall filter is modified. PR1432116

  • Outer VLAN tag might not be pushed in the egress VXLAN traffic toward the host for Q-in-Q scenario. PR1432703

  • Line card might crash due to plug in unsupported SFP-T module. PR1432809

  • Traffic loss might be seen on QFX10000/PTX10000 platforms using line card LC1105. PR1433300

  • Layer 3 filters applied to PVLAN IRB interface might not work after unified ISSU. PR1434941

  • QFX5100-Virtual Chassis : NSSU: there might be approximate 1 minute traffic loss during NSSU with LACP link protection configuration. PR1435519

  • The mc-ae interface might get stuck in waiting state in dual mc-ae scenario. PR1435874

  • QFX5200 NSSU: dcpfe core file is seen after NSSU upgrade of backup followed by reboot. PR1435963

  • DHCP discover packets sent to IP addresses in the same subnet as IRB interface cause the QFX5110 to send bogus traffic out of DHCP-snooping enabled interfaces. PR1436436

  • Unknown SNMP traps (1.3.6.1.4.1.2636.3.69.1.0.0.1) are sent on QFX5110 restart. PR1436968

  • The FPC might crash if both the ae boundle flapping on the local device and the configuration change on peer device occur at the same time. PR1437295

  • BGP neighborship might not come up if the MACsec feature is configured. PR1438143

  • The DHCP snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351

  • Port LED turns red when cable is connected on QFX5210. PR1438359

  • Interfaces configured with flexible-vlan-tagging might loss connectivity. PR1439073

  • The xSTP recognizes 1G SFP-T optic interface as LAN type resulting, in slow STP convergence. PR1439095

  • LACP MUX state stuck in "Attached" after disabling peer active members when link protection is enabled on local along with force-up. PR1439268

  • DHCPv6 relay binding is not up while verifying the DHCP Snooping along with DHCPv6 relay. PR1439844

  • EX4600 Virtual Chassis does not comes up after replacing Virtual Chassis port from fiber connection to DAC cable. PR1440062

  • MAC addresses learned on RTG might not be aged out after a Virtual Chassis member is rebooted. PR1440574

  • QFX10002 MCLAG PDT: Layer 2, Layer 3 Traffic drop is seen on disabling/enabling MC-LAG. PR1440732

  • The Layer 3 communication might break on an interface that is configured with flexible-ethernet-services. PR1441690

  • The operational status of the interface in hardware and software might be out of synchronization in EVPN setup with arp-proxy feature enabled. PR1442310

  • Flow control does not work as expected on 100-Gigabit Ethernet interface of QFX5110. PR1442522

  • The PMTUD might not work for both IPv4 and IPv6 if the ingress Layer 3 interface is an IRB. PR1442587

  • DHCPv6 client might fail to get an IP address. PR1442867

  • When a line card is rebooted, the MC-LAG might not get programmed after the line card comes back online. PR1444100

  • QFX5200: Observing DCBCM[bcore_init]: ioctl call failed ret:0 failure message when changing UFT profile in FPC logs. PR1445855

  • On QFX10008, traffic impact might be seen when the JSRV interface is used. PR1445939

  • CoS classifier might not work as expected. PR1445960

  • IPinIP: QFX - CoS rewrite happens to both inner and outer header. PR1446128

  • IPinIP: ptx/qfx - Upon steering of underlay dynamic tunnel PNHs to a different set of ECMP next hops, unrelated IPv6 based tunnel traffic is tagged with the incorrect VLAN. PR1446132

  • Traffic discarded for only specified VLAN in IPACL_VXLAN filters. PR1446489

  • Long IPv6 address are not displayed fully on IPv6 neighbor table. PR1447115

  • Unicast ARP requests are not replied with no-arp-trap option. PR1448071

  • Rebooting QFX5120-48Y using request system reboot doesn't take physical links offline immediately. PR1448102

  • QFX10000 -- QSFP28 100G AOC / 740-065632 & QSFP+ 40G / 740-043308 transceiver -- port LED remains lit green after disconnecting one end. PR1448121

  • QFX5100-48t's in a mixed Virtual Chassis with QFX5110 switches are experiencing rx crc errors on vc-ports 53 and 52. PR1449406

  • Except one AE member link, the other links do not send out sFlow sample packets for ingress traffic. PR1449568

  • REST API process will get non-responsive when a number of request coming with a high rate. PR1449987

  • RMPC core files are found after configuration changes are done on the network for PTP/Clock Synchronization. PR1451950

  • Vgd core files might be generated when tunnel gets deleted twice. PR1452149

  • DHCP offer packet with unicast flag set gets dropped by QFX10000 in a VXLAN multi-homed setup using anycast IP. PR1452870

  • Configuration change in VLAN all option might affect the per-VLAN configuration. PR1453505

  • The classifier configuration doesn't get applied to the interface in an EVPN/VXLAN environment. PR1453512

  • The show chassis led shows incorrect status. PR1453821

  • On QFX5100-VC VGD process hogs the CPU without switch-options vtep-source-interface lo0.0 configuration. PR1454014

  • Master FPC might come up in master state again after reboot instead of backup. PR1454343

  • QFX10002-60c: EVPN-VXLAN: MAC+IP Count is shown as Zero. PR1454603

  • QFX5120 : Untagged hosts ARP/NS connected on encapsulation ethernet-bridge interface are not being resolved. PR1454804

  • The PFC feature doesn't work on QFX10000 platforms. PR1455309

  • The laser from the 10G SFP+ interface is still on when the interface is disabled or the device is rebooted. PR1456742

  • Over temperature SNMP trap messages are shown after update even though the temperatures are within the system thresholds. PR1457456

  • Dual tag Q-in-Q is not working with EVPN-VXLAN. PR1458206

  • QFX5210 : LED does not light on port 64 and 65 after upgraded to Junos OS Release 19.2R1. PR1458514

  • The BPDU packet might be looped between leaf DF switch and non-DF switch and cause traffic blocking. PR1458929

  • The dhcpv6 LDRA relay bounded count is not as expected after dchp is configured. PR1459499

  • The fxpc process might crash due to BGP IPV6 session flaps. PR1459759

  • The forwarding option is missed in routing-instance type. PR1460181

  • The ’entPhysicalTable’ MIB is not fetching expected data on QFX10002-72Q / 36Q platforms. PR1462582

  • The firewall filter does not get hit for traceroute packets when destination MAC address is VRRP virtual MAC. PR1463425

  • On QFX5100 Virtual Chassis, the error BRCM-VIRTUAL,brcm_vxlan_walk_svp(),6916:Failed to find L2-iff for ifl: might appear during cleanup of EVPN-VXLAN configurations. These messages are harmless. PR1463939

  • A few of the interfaces stay down and keep flapping for QFX ULC-3DWDM-MACsec line cards on reboot. PR1464650

  • QFX5100-24Q: Not able to apply DSCP rewrite to firewall filter to a Layer 3 subinterface (for example, xe-0/0/0.100). PR1464883

  • PEM is not present spontaneously on QFX5210. PR1465183

  • The 10-Gigabit Ethernet port on QFX5100-48T negotiates with speed 1 GB with BRCM 10G/GbE 2+2P 57800-t rNDC. PR1465196

  • The QSFP-100G-PSM4 could not be correctly identified on QFX5200 or QFX5110 platforms. PR1465214

  • When BGP open messages with specific types of BGP optional capabilities are sent during BGP session establishment, incorrectly coded messages are later sent to the BMP Collector. PR1466477

  • Slow packet drops might be seen on QFX5000 platforms. PR1466770

  • Ingress drops to be included at CLI from interface statistics and added to InDiscards. PR1468033

  • QFX5120 is looping the IP routed packet through IS-IS or MPLS. PR1469998

  • l2ald core is seen (l2ald_mem_free, l2ald_update_comp_vmenh) after restarting dc-pfe in Virtual Chassis devices. PR1473521

Routing Protocols

  • Host-destined packets with filter log action might not reach to Routing Engine if log/syslog is enabled. PR1379718

  • The IRB transit traffic might not be counted for EVPN-VXLAN traffic. PR1383680

  • QFX5100 : BGP IPv4 and IPv6 convergence and RIB installation and deletion time are degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

  • The fxpc core file might be seen during the reboot of device on QFX5100/EX4600 switches. PR1432023

  • The IPv4 fragmented packets might be broken if PTP transparent clock is configured. PR1437943

  • Traffic might be dropped after the Q-in-Q enabled interface is flapped or a change is made to the vlan-id-list. PR1441402

  • QFX5210: firewall Filter DSCP action modifier does not work when firewall filter is mapped to IRB. PR1441444

  • IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507

  • PIM (S,G) joins can cause MSDP to incorrectly announce source active messages in some cases. PR1443713

  • The QFX5120 might drop the tunnel encapsulated packets if it acts as a transit device. PR1447128

  • Loopback address exported into other VRF instances might not work on ACX Series, EX Series, and QFX Series platforms. PR1449410

  • MPLS LDP might still use stale MAC of the neighbor even the LDP neighbor's MAC changes. PR1451217

  • A few seconds of traffic drop might be seen on the existing receivers when another receiver joins/leaves. PR1457228

  • The egress interface in Packet Forwarding Engine for some end-hosts might not be correct on the Layer 3 gateway switch after it is rebooted. PR1460688

  • The "other querier present interval" timer cannot be changed in IGMP/MLD snooping scenario. PR1461590

  • When deleting IRB on the Layer 3 gateway, IRB does not get removed from Packet Forwarding Engine and will silently drop traffic to IRB MAC address. PR1463092

User Interface and Configuration

  • EX4600 and QFX5100 were unable to commit baseline configuration after being returned to zero. PR1426341

Documentation Updates

This section lists the errata and changes in Junos OS Release 19.4R3 for the QFX Series switches documentation.

Feature Guides Are Renamed As User Guides

  • Starting with Junos OS 19.4R1, we renamed our Feature Guides to User Guides to better reflect the purpose of the guides. For example, the BGP Feature Guide is now the BGP User Guide. We didn’t change the URLs of the guides, so any existing bookmarks you have will continue to work. To keep the terminology consistent on our documentation product pages, we renamed the Feature Guides section to User Guides. To find documentation for your specific product, check out this link.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network.

Upgrading Software on QFX Series Switches

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide and Junos OS Basics in the QFX Series documentation.

If you are not familiar with the download and installation process, follow these steps:

  1. In a browser, go to https://www.juniper.net/support/downloads/junos.html.

    The Junos Platforms Download Software page appears.

  2. In the QFX Series section of the Junos Platforms Download Software page, select the QFX Series platform for which you want to download the software.
  3. Select 19.4 in the Release pull-down list to the right of the Software tab on the Download Software page.
  4. In the Install Package section of the Software tab, select the QFX Series Install Package for the 19.4 release.

    An Alert box appears.

  5. In the Alert box, click the link to the PSN document for details about the software, and click the link to download it.

    A login screen appears.

  6. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Download the software to a local host.
  8. Copy the software to the device or to your internal software distribution site.
  9. Install the new jinstall package on the device.Note

    We recommend that you upgrade all software packages out of band using the console, because in-band connections are lost during the upgrade process.

    Customers in the United States and Canada use the following command:

    user@host> request system software add source/jinstall-host-qfx-5-x86-64-19.4-R3.n-secure-signed.tgz reboot

    Replace source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the switch.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname (available only for Canada and U.S. version)

    Adding the reboot command reboots the switch after the upgrade is installed. When the reboot is complete, the switch displays the login prompt. The loading process can take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

After you install a Junos OS Release 19.4 jinstall package, you can issue the request system software rollback command to return to the previously installed software.

Installing the Software on QFX10002-60C Switches

This section explains how to upgrade the software, which includes both the host OS and the Junos OS. This upgrade requires that you use a VM host package—for example, a junos-vmhost-install-x.tgz .

During a software upgrade, the alternate partition of the SSD is upgraded, which will become primary partition after a reboot .If there is a boot failure on the primary SSD, the switch can boot using the snapshot available on the alternate SSD.

Note

The QFX10002-60C switch supports only the 64-bit version of Junos OS.

Note

If you have important files in directories other than /config and /var, copy the files to a secure location before upgrading. The files under /config and /var (except /var/etc) are preserved after the upgrade.

To upgrade the software, you can use the following methods:

If the installation package resides locally on the switch, execute the request vmhost software add <pathname><source> command.

For example:

user@switch> request vmhost software add /var/tmp/junos-vmhost-install-qfx-x86-64-19.4R3.9.tgz

If the Install Package resides remotely from the switch, execute the request vmhost software add <pathname><source> command.

For example:

user@switch> request vmhost software add ftp://ftpserver/directory/junos-vmhost-install-qfx-x86-64-19.4R3.9.tgz

After the reboot has finished, verify that the new version of software has been properly installed by executing the show version command.

user@switch> show version

Installing the Software on QFX10002 Switches

Note

If you are upgrading from a version of software that does not have the FreeBSD 10 kernel (15.1X53-D30, for example), you will need to upgrade from Junos OS Release 15.1X53-D30 to Junos OS Release 15.1X53-D32. After you have installed Junos OS Release 15.1X53-D32, you can upgrade to Junos OS Release 15.1X53-D60 or Junos OS Release 18.3R1.

Note

On the switch, use the force-host option to force-install the latest version of the Host OS. However, by default, if the Host OS version is different from the one that is already installed on the switch, the latest version is installed without using the force-host option.

If the installation package resides locally on the switch, execute the request system software add <pathname><source> reboot command.

For example:

user@switch> request system software add /var/tmp/jinstall-host-qfx-10-f-x86-64-19.4R3.n-secure-signed.tgz reboot

If the Install Package resides remotely from the switch, execute the request system software add <pathname><source> reboot command.

For example:

user@switch> request system software add ftp://ftpserver/directory/jinstall-host-qfx-10-f-x86-64-19.4R3.n-secure-signed.tgz reboot

After the reboot has finished, verify that the new version of software has been properly installed by executing the show version command.

user@switch> show version

Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release 15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches

Note

Before you install the software, back up any critical files in /var/home. For more information regarding how to back up critical files, contact Customer Support at https://www.juniper.net/support.

The switch contains two Routing Engines, so you will need to install the software on each Routing Engine (re0 and re1).

If the installation package resides locally on the switch, execute the request system software add <pathname><source> command.

To install the software on re0:

user@switch> request system software add /var/tmp/jinstall-host-qfx-10-m-15.1X53-D60.n-secure-domestic-signed.tgz re0

If the Install Package resides remotely from the switch, execute the request system software add <pathname><source> re0 command.

For example:

user@switch> request system software add ftp://ftpserver/directory/jinstall-host-qfx-10-m-15.1X53-D60.n-secure-domestic-signed.tgz re0

To install the software on re1:

user@switch> request system software add /var/tmp/jinstall-host-qfx-10-m-15.1X53-D60.n-secure-domestic-signed.tgz re1

If the Install Package resides remotely from the switch, execute the request system software add <pathname><source> re1 command.

For example:

user@switch> request system software add ftp://ftpserver/directory/jinstall-host-qfx-10-m-15.1X53-D60.n-secure-domestic-signed.tgz re1

Reboot both Routing Engines.

For example:

user@switch> request system reboot both-routing-engines

After the reboot has finished, verify that the new version of software has been properly installed by executing the show version command.

user@switch> show version

Installing the Software on QFX10008 and QFX10016 Switches

Because the switch has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation.

Note

Before you install the software, back up any critical files in /var/home. For more information regarding how to back up critical files, contact Customer Support at https://www.juniper.net/support.

Warning

If graceful Routing Engine switchover (GRES), nonstop bridging (NSB), or nonstop active routing (NSR) is enabled when you initiate a software installation, the software does not install properly. Make sure you issue the CLI delete chassis redundancy command when prompted. If GRES is enabled, it will be removed with the redundancy command. By default, NSR is disabled. If NSR is enabled, remove the nonstop-routing statement from the [edit routing-options] hierarchy level to disable it.

  1. Log in to the master Routing Engine’s console.

    For more information about logging in to the Routing Engine through the console port, see the specific hardware guide for your switch.

  2. From the command line, enter configuration mode:

    user@switch> configure
  3. Disable Routing Engine redundancy:

    user@switch# delete chassis redundancy
  4. Disable nonstop-bridging:

    user@switch# delete protocols layer2-control nonstop-bridging
  5. Save the configuration change on both Routing Engines:

    user@switch# commit synchronize
  6. Exit the CLI configuration mode:

    user@switch# exit

    After the switch has been prepared, you first install the new Junos OS release on the backup Routing Engine, while keeping the currently running software version on the master Routing Engine. This enables the master Routing Engine to continue operations, minimizing disruption to your network.

    After making sure that the new software version is running correctly on the backup Routing Engine, you are ready to switch routing control to the backup Routing Engine, and then upgrade or downgrade the software version on the other Routing Engine.

  7. Log in to the console port on the other Routing Engine (currently the backup).

    For more information about logging in to the Routing Engine through the console port, see the specific hardware guide for your switch.

  8. Install the new software package using the request system software add command:

    user@switch> request system software add validate /var/tmp/jinstall-host-qfx-10-f-x86-64-19.4R3.n-secure-signed.tgz

    For more information about the request system software add command, see the CLI Explorer.

  9. Reboot the switch to start the new software using the request system reboot command:

    user@switch> request system reboot
    Note

    You must reboot the switch to load the new installation of Junos OS on the switch.

    To abort the installation, do not reboot your switch. Instead, finish the installation and then issue the request system software delete <package-name> command. This is your last chance to stop the installation.

    All the software is loaded when you reboot the switch. Installation can take between 5 and 10 minutes. The switch then reboots from the boot device on which the software was just installed. When the reboot is complete, the switch displays the login prompt.

    While the software is being upgraded, the Routing Engine on which you are performing the installation is not sending traffic.

  10. Log in and issue the show version command to verify the version of the software installed.

    user@switch> show version

    Once the software is installed on the backup Routing Engine, you are ready to switch routing control to the backup Routing Engine, and then upgrade or downgrade the master Routing Engine software.

  11. Log in to the master Routing Engine console port.

    For more information about logging in to the Routing Engine through the console port, see the specific hardware guide for your switch.

  12. Transfer routing control to the backup Routing Engine:

    user@switch> request chassis routing-engine master switch

    For more information about the request chassis routing-engine master command, see the CLI Explorer.

  13. Verify that the backup Routing Engine (slot 1) is the master Routing Engine:

    user@switch> show chassis routing-engine
  14. Install the new software package using the request system software add command:

    user@switch> request system software add validate /var/tmp/jinstall-host-qfx-10-f-x86-64-19.4R3.n-secure-signed.tgz

    For more information about the request system software add command, see the CLI Explorer.

  15. Reboot the Routing Engine using the request system reboot command:

    user@switch> request system reboot
    Note

    You must reboot to load the new installation of Junos OS on the switch.

    To abort the installation, do not reboot your system. Instead, finish the installation and then issue the request system software delete jinstall <package-name> command. This is your last chance to stop the installation.

    The software is loaded when you reboot the system. Installation can take between 5 and 10 minutes. The switch then reboots from the boot device on which the software was just installed. When the reboot is complete, the switch displays the login prompt.

    While the software is being upgraded, the Routing Engine on which you are performing the installation does not send traffic.

  16. Log in and issue the show version command to verify the version of the software installed.

  17. Transfer routing control back to the master Routing Engine:

    user@switch> request chassis routing-engine master switch

    For more information about the request chassis routing-engine master command, see the CLI Explorer.

  18. Verify that the master Routing Engine (slot 0) is indeed the master Routing Engine:

    user@switch> show chassis routing-engine

Performing a Unified ISSU

You can use unified ISSU to upgrade the software running on the switch with minimal traffic disruption during the upgrade.

Note

Unified ISSU is supported in Junos OS Release 13.2X51-D15 and later.

Perform the following tasks:

Preparing the Switch for Software Installation

Before you begin software installation using unified ISSU:

  • Ensure that nonstop active routing (NSR), nonstop bridging (NSB), and graceful Routing Engine switchover (GRES) are enabled. NSB and GRES enable NSB-supported Layer 2 protocols to synchronize protocol information between the master and backup Routing Engines.

    To verify that nonstop active routing is enabled:

    Note

    If nonstop active routing is enabled, then graceful Routing Engine switchover is enabled.

    If nonstop active routing is not enabled (Stateful Replication is Disabled), see Configuring Nonstop Active Routing on Switches for information about how to enable it.

  • Enable nonstop bridging (NSB). See Configuring Nonstop Bridging on Switches (CLI Procedure) for information on how to enable it.

  • (Optional) Back up the system software—Junos OS, the active configuration, and log files—on the switch to an external storage device with the request system snapshot command.

Upgrading the Software Using Unified ISSU

This procedure describes how to upgrade the software running on a standalone switch.

To upgrade the switch using unified ISSU:

  1. Download the software package by following the procedure in the Downloading Software Files with a Browser section in Installing Software Packages on QFX Series Devices.

  2. Copy the software package or packages to the switch. We recommend that you copy the file to the /var/tmp directory.

  3. Log in to the console connection. Using a console connection allows you to monitor the progress of the upgrade.

  4. Start the ISSU:

    • On the switch, enter:

      where package-name.tgz is, for example, jinstall-host-qfx-10-f-x86-64-19.4R3.n-secure-signed.tgz.

    Note

    During the upgrade, you cannot access the Junos OS CLI.

    The switch displays status messages similar to the following messages as the upgrade executes:

    Note

    A unified ISSU might stop, instead of abort, if the FPC is at the warm boot stage. Also, any links that go down and up will not be detected during a warm boot of the Packet Forwarding Engine (PFE).

    Note

    If the unified ISSU process stops, you can look at the log files to diagnose the problem. The log files are located at /var/log/vjunos-log.tgz.

  5. Log in after the reboot of the switch completes. To verify that the software has been upgraded, enter the following command:

  6. Ensure that the resilient dual-root partitions feature operates correctly, by copying the new Junos OS image into the alternate root partitions of all of the switches:

    Resilient dual-root partitions allow the switch to boot transparently from the alternate root partition if the system fails to boot from the primary root partition.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.