Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for PTX Series Packet Transport Routers

 

These release notes accompany Junos OS Release 20.1R1 for the PTX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

Learn about new features introduced in this release for PTX Series routers.

Interfaces and Chassis

  • Handling thermal health events (PTX5000)—Starting in Junos OS Release 20.1R1, on PTX5000 routers, you can enable a thermal health check and configure an action (such as auto shutdown and alarm) to be taken when a thermal health event such as power leakage is detected. You can also configure the power supply module (PSM) watchdog to shut down the PSM output power in case a thermal health event causes Junos to go down.

    Note

    The PSM watchdog feature works only if all the online PSMs in the router support this feature.

    [See Handling Thermal Health Events Using Thermal Health Check and PSM Watchdog]

  • Support for new show | display set CLI commands (ACX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the following new show commands have been introduced:

    • show | display set explicit—Display explicitly, as a series of commands, all the configurations that the system internally creates when you configure certain statements from the top level of the hierarchy.

    • show | display set relative explicit—Display explicitly, as a series of commands, all the configurations that the system internally creates when you configure certain statements from the current hierarchy level.

    [See show | display set and show | display set relative.]

Junos OS XML API and Scripting

  • The jcs:load-configuration template supports loading the rescue configuration (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the jcs:load-configuration template supports the rescue parameter to load and commit the rescue configuration on a device. SLAX and XSLT scripts can call the jcs:load-configuration template with the rescue parameter set to "rescue" to replace the active configuration with the rescue configuration.

    [See Changing the Configuration Using SLAX and XSLT Scripts and jcs:load-configuration Template.]

Junos Telemetry Interface

  • IS-IS adjacency and LSDB event streaming support on JTI (MX960, PTX1000, and PTX10000)—Junos OS Release 20.1R1 provides IS-IS adjacency and link-state database (LSDB) statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services or gRPC Network Management Interface (gNMI) services. ON_CHANGE statistics are sent to an outside collector.

    The following resource paths are supported:

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/circuit-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interface/levels/level/packet-counters/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/system-level-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/levels/level/adjacencies/adjacency/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/subtlvs/subtlv/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/subtlvs/subtlv/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/adjacency-sid/sid/state/ (ON-CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/lan-adjacency-sid/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-interfaces-addresses/state/ (ON_CHANGE))

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-srlg/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-te-router-id/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-interfaces-addresses/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/router-capabilities/router-capability/subtlvs/subtlv/segment-routing-capability/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/state (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/area-address/state/address (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/nlpid/state/nlpid (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/lsp-buffer-size/state/size (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/hostname/state/hname (stream)

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

  • Platform, interface, and alarm sensor ON_CHANGE support on JTI (MX960, MX2020, PTX1000, PTX5000)—Junos OS Release 20.1R1 supports platform, interface, and alarm statistics using Junos telemetry interface (JTI) and gRPC Network Management Interface (gNMI) services. You can use this feature to send ON_CHANGE statistics for a device to an outside collector.

    This feature supports the OpenConfig models:

    • openconfig-platform.yang: oc-ext:openconfig-version 0.12.1

    • openconfig-interfaces.yang: oc-ext:openconfig-version 2.4.1

    • openconfig-alarms.yang: oc-ext:openconfig-version 0.3.1

    Use the following resource paths in a gNMI subscription:

    • /components/component (for each installed FRU)

    • /interfaces/interface/state/

    • /interfaces/interface/subinterfaces/subinterface/state/

    • /alarms/alarm/

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • gRPC Dial-Out support on JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Junos OS Release 20.1R1 provides remote procedure call (gRPC) dial-out support for telemetry. In this method, the target device (server) initiates a gRPC session with the collector (client) and, when the session is established, streams the telemetry data that is specified by the sensor-group subscription to the collector. This is in contrast to the gRPC network management interface (gNMI) dial-in method, in which the collector initiates a connection to the target device.

    gRPC dial-out provides several benefits as compared to gRPC dial-in, including simplifying access to the target advice and reducing the exposure of target devices to threats outside of their topology.

    To enable export of statistics, include the export-profile and sensor statements at the [edit services analytics] hierarchy level. The export profile must include the reporting rate, the transport service (for example, gRPC), and the format (for example, gbp-gnmi). The sensor configuration should include the name of the collector (the server’s name), the name of the export profile, and the resource path. An example of a resource path is /interfaces/interface[name='fxp0'.

    [See Using gRPC Dial-Out for Secure Telemetry Collection.]

  • gRPC version v1.18.0 with JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Junos OS Release 20.1R1 includes support for remote procedure call (gRPC) services version v1.18.0 with Junos telemetry interface (JTI). This version includes important enhancements for gRPC. In earlier releases, JTI is supported with gRPC version v1.3.0.

    Use gRPC in combination with JTI to stream statistics at configurable intervals from a device to an outside collector.

    [See gRPC Services for Junos Telemetry Interface.]

  • LLDP statistics, notifications, and configuration model for suppress-tlv-advertisement support on JTI (MX240, MX480, MX960, MX10003, PTX10008, PTX10016)—Junos OS Release 20.1R1 provides remote procedure call (gRPC) streaming services support for attribute leaf suppress-tlv-advertisement under the resource path /lldp/state/suppress-tlv-advertisement. The following TLVs are supported, which in turn support operational state, notifications, and configuration change support:

    • port-description

    • system-name

    • system-description

    • system-capabilities

    • management-address

    • port-id-type

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

  • SR-TE statistics for uncolored SR-TE policies streaming on JTI (MX Series, PTX Series)—Junos OS Release 20.1R1 provides segment routing traffic engineering (SR-TE) per label-switched Path (LSP) route statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Using JTI and gRPC services, you can stream SR-TE telemetry statistics for uncolored SR-TE policies to an outside collector.

    Ingress statistics include statistics for all traffic steered by means of an SR-TE LSP. Transit statistics include statistics for traffic to the Binding-SID (BSID) of the SR-TE policy.

    To enable these statistics, include the per-source per-segment-list statement at the [edit protocols source-packet-routing telemetry statistics] hierarchy level.

    If you issue the set protocols source-packet-routing telemetry statistics no-ingress command, ingress sensors are not created.

    If you issue the set protocols source-packet-routing telemetry statistics no-transit command, transit sensors are not created. Otherwise, if BSID is configured for a tunnel, transit statistics are created.

    The following resource paths (sensors) are supported:

    • /junos/services/segment-routing/traffic-engineering/tunnel/lsp/ingress/usage/

    • /junos/services/segment-routing/traffic-engineering/tunnel/lsp/transit/usage/

    To provision the sensor to export data through gRPC services, use the telemetrySubscribe RPC.

    Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface, source-packet-routing, and show spring-traffic-engineering lsp detail name name.]

Routing Protocols

  • Support for topology-independent loop-free alternate (TI-LFA) in IS-IS for IPv6-only networks (ACX Series, MX Series, and PTX Series)— Starting with Junos OS Release 20.1R1, you can configure TI-LFA with segment routing in an IPv6-only network for the IS-IS protocol. TI-LFA provides MPLS fast reroute (FRR) backup paths corresponding to the post-convergence path for a given failure. TI-LFA provides protection against link failure, and node failure.

    You can enable TI-LFA for IS-IS by configuring the use-post-convergence-lfa statement at the [edit protocols isis backup-spf-options] hierarchy level. You can enable the creation of post-convergence backup paths for a given IPv6 interface by configuring the post-convergence-lfa statement at the [edit protocols isis interface interface-name level level] hierarchy level. The post-convergence-lfa statement enables link-protection mode.

    You can enable node-protection mode for a given interface at the [edit protocols isis interface interface-name level level post-convergence-lfa] hierarchy level. However, you cannot configure fate-sharing protection for IPv6-only networks.

    [See Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS.]

MPLS

  • CoS-based forwarding and policy-based routing to steer selective traffic over an SR-TE path (ACX Series, MX Series, and PTX Series)—Starting in Junos OS Release 20.1R1, you can use CoS-based forwarding (CBF) and policy-based routing (PBR, also known as filter-based forwarding or FBF) to steer service traffic using a particular segment routing-traffic-engineered (SR-TE) path. This feature is supported only on non-colored segment routing LSPs that have the next hop configured as a first hop label or an IP address.

    With CBF and PBR, you can:

    • Choose an SR-TE path on the basis of service.

    • Choose the supporting services to resolve over the selected SR-TE path.

    [See Example: Configuring CoS-Based Forwarding and Policy-Based Routing For SR-TE LSPs.]

Network Management and Monitoring

  • Remote port mirroring to an IP address (GRE encapsulation) (PTX Series)—You use port mirroring to send traffic to applications that analyze traffic to monitor compliance, enforce policies, detect intrusions, and so on. Starting in Junos OS Release 20.1R1, you can configure remote port mirroring to send sampled packets to a remote IP address, with the packets encapsulated in a GRE header.

    • Configure remote port mirroring to send sampled packets to a remote IP address, with the packets encapsulated in an IPv4 GRE header:

      set forwarding-options port-mirroring instance instance-name output ip-source-address address ip-destination-address address

    • (Optional) Configure a static traffic-class value that represents the 8-bit differentiated services (DS) field in the IPv4 header of a GRE tunnel. You can program 6 of the 8 bits, so the value that you can configure under DSCP can be 0-63 (2^0 to 2^6).

      set forwarding-options port-mirroring instance instance-name output dscp numeric-dscp-value

    • (Optional) Configure a policer to police the mirrored traffic that is going out of that interface:

      set forwarding-options port-mirroring instance instance-name output policer policer-name

    • (Optional) Configure the forwarding of packets to a queue defined by a forwarding class:

      set forwarding-options port-mirroring instance instance-name output forwarding-class forwarding-class-name

    [See instance (Port Mirroring) and traffic-class (Tunnels).]

  • On-box monitoring support on the control plane (MX Series and PTX Series)—Starting in Junos OS Release 20.1R1, you can configure on-box monitoring to monitor anomalies with respect to the memory utilization of Junos OS applications and the overall system in the control plane of MX Series and PTX Series routers.

    You can use on-box monitoring to monitor system-level memory and process-level memory to detect possible leaks. When the system is running low on memory, the process heuristic shares the prediction and you can configure the action to be taken when leaks are identified.

    See memory (system)

System Management

  • Restrict option under NTP configuration is now visible (ACX Series, QFX Series, MX Series, PTX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the noquery command under the restrict hierarchy is now available and can be configured with a mask address. The noquery command is used to restrict ntpq and ntpdc queries coming from hosts and subnets.

    [See Configuring NTP Access Restrictions for a Specific Address.]

What's Changed

There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and commands in this release for PTX Series.

Known Limitations

Learn about known limitations in this release for PTX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • PTX Series platforms with the FPC-PTX-P1-A or FPC2-PTX-P1A line card might encounter a single event upset (SEU) event that can cause a linked-list corruption of the TQCHIP. The following syslog message is reported: Jan 9 08:16:47.295 router fpc0 TQCHIP1: Fatal error pqt_min_free_cnt is zero Jan 9 08:16:47.295 router fpc0 CMSNG: Fatal ASIC error, chip TQ Jan 9 08:16:47.295 router fpc0 TQ Chip::FATAL ERROR!! from PQT free count is zero jan 9 08:16:47.380 router alarmd[2427]: Alarm set: FPC color=RED, class=CHASSIS, reason=FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 Jan 9 08:16:47.380 router craftd[2051]: Fatal alarm set, FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 Junos OS chassis management error handling does detect such condition, and raises an alarm and performs the disable-pfe action for the affected Packet Forwarding Engine entity. To recover this Packet Forwarding Engine entity, a restart of the FPC is needed. Soft errors are transient or non-recurring. FPCs experiencing such SEU events do not have any permanent damage. Contact your Juniper support representative if the issue is seen after a FPC restart. PR1254415

  • When a filter is attached in the outbound direction, GRE encapsulated headers are applied after the filter block in the egress direction. So in this case, it is possible that the filter is evaluated on an old header content (and not on the new GRE encapsulated header) and hence filter evaluation turns true and the new GRE encapsulated gets recirculated for another GRE encapsulation. This issue is difficult to fix as filter block evaluation happens before the new header is attached. PR1465837

  • PTX1000/PTX10000 platform count MPLS header also in packet length where as MX does not include it when acting in egress PE role. So we see difference in byte accounting in both platforms corresponding to the length of MPLS label stack received with the packet. PR1482408

Open Issues

Learn about open issues in this release for PTX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • PTX: CM2.0 : Alarm action is not working for minor error, after changing the threshold to 1. PR1345154

  • Traffic loss is greater than 50 ms (in order of 200 to 300 ms) for IP routes pointing to unilist of composites with indirect next hops during a link down scenario. In this case, the Packet Forwarding Engine does not do the local repair and will wait for the rpd to install the new next hops. PR1383965

  • On routers and switches running Junos OS, with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote aggregate Ethernet (AE) member link makes the local member link move to LACP Detached state. The detached link is invalidated from the Packet Forwarding Engine AE-Forwarding table as expected. However, if the device is rebooted with this state, all the member links are enabled in the Packet Forwarding Engine AE-Forwarding table irrespective of LACP states, which results in traffic drop. PR1423707

  • The em2 interface configuration is causing the FPC to crash during initialization, and the FPC does not come online, after deleting the em2 configuration and restarting the router, FPC comes online. PR1429212

  • Memory leaks are expected in this release. PR1438358

  • On PTX1000 and PTX10002 platforms, if transient voltage fluctuations on a SIB or an FPC are seen, it might trigger the fabric healing process (FHP) and FPC/SIB restart. Later, the SIB might not restart but the FPC still goes online, so the device might experience silent dropping of packets, which affects the service. PR1460406

  • When users configure the best destination network with dyn-tunnel-attribute-policy and preference, we are not migrating, the tunnel from the old destination network. PR1462805

  • Using a PTX system with an FPC2-PTX-P1A or an FPC-PTX-P in a network with a high rate of multicast routes changes -- that is, active PIM, or MVPN environment-- might lead to PLCT Policer and Counter counter exhaustion. When PLCT counter entries are exhausted, PTX router may start to lose protocols' adjacencies to its neighbors, or transit/ingress LSPs may go down. PR1479789

  • On a PTX3000 or PTX5000 platform with some specific FPCs, if the weights of links are set to an invalid value on an AE bundle interface or unilist (an unilist next hop composed of several unicast next-hops), an FPC crash might be observed. It is a rare issue and the FPC will try to reload to resolve this problem. Traffic loss might be seen before the FPC completes the reload period. PR1484255

  • On all Junos based PTX/QFX10000 Series platforms with large filter configuration (for example, one filter has more than 500 terms or one term has more than 500 filters) scenario, during the change operation of loopback0 filter, the bfd sessions start to flap. PR1491575

  • During FRR event, if the backup path is inet table lookup(with backup-ip-forward configuration) then, per Sid-stats might not work as expected on PTX Series platform only. This problem is not seen on MX routers. Traffic loss during FRR switchover is more than 50 ms on some occasions. PR1491765

Infrastructure

  • The harmless log of invalid SMART checksum might be seen when performing software upgrade to specific releases (for example, Junos OS Releases 15.1F5-S3, 15.1F6-S1, 15.1F7, 15.1R4-S3, 15.1R5, 16.1R1, 16.1R2, and 16.2R1). PR1222105

Routing Protocols

  • With Bidirectional Forwarding Detection (BFD) configured on an aggregated Ethernet interface, if you disable and then enable the aggregated Ethernet interface, then that interface and the BFD session might not come up. PR1354409

  • By adding the sbfd responder configuration on RE-DUO-2600, ppmd crashes and a core file is generated. The issue is not seen on RE-PTX-2X00x6(NGRE). PR1477525

Resolved Issues

Learn which issues were resolved in this release for PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Forwarding and Sampling

  • The pfed might crash and be unable to come up on the PTX Series or TVP platforms. PR1452363

General Routing

  • PTX Series interface stays down after maintenance. PR1412126

  • Telemetry statistics might not account correctly when IS-IS sensors are enabled and the route next hops are ae interfaces. PR1413680

  • LACP packet does not pass through Layer 2 circuit. PR1424553

  • Interface does not come up after interface flapping and FPC reboot. PR1428307

  • Reclassification policy applied on the route prefixes might not work on PTX Series platforms. PR1430028

  • The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

  • The FPC might crash when a firewall filter is modified. PR1432116

  • Unable to change DDoS protocol TTL values under PTX10000. PR1433259

  • Upgrading fails due to communication failure between Junos VM and the host OS. PR1438219

  • Packet loss might be seen if IPoIP or MPLS-over-UDP dynamic tunnels with ECMP are configured. PR1446132

  • Changing the hostname triggers an on-change notification, not an adjacency on-change notification. Also, currently IS-IS is sending the hostname instead of the system ID in OC paths. PR1449837

  • JNP10K-LC2101 FPC generates the "Voltage Tolerance Exceeded" major alarm for EACHIP 2V5 sensors. PR1451011

  • The 100-Gbps interface might not come up after flapping on PTX5000. PR1453217

  • Traffic might be dropped on PTX Series platforms. PR1459484

  • Silent dropping of traffic upon interface flapping after DRD auto-recovery. PR1459698

  • The "forwarding" option is missed in routing-instance type. PR1460181

  • Hardware failure in CB2-PTX causes traffic interruption. PR1460992

  • The sample, syslog, or log action in output firewall filters for packets of size less than 128 bytes might cause an ASIC wedge (all packet loss) on PTX Series platforms. PR1462634

  • PIC might restart if the temperature of QSFP optics is overheated on PTX3000 or PTX5000. PR1462987

  • An FPC might restart during runtime on PTX10000 or QFX10000 lines of devices. PR1464119

  • Continuous MACsec-wedge-cleared logs might be seen and LACP flapping might happen with 100% line-rate traffic or near line rate traffic in the MACsec line card. PR1466481

  • EBUF parity interrupt is not seen on PTX Series routers or the QFX10000 line of switches. PR1466532

  • IPv6 traffic might get dropped in a Layer 3 VPN network. PR1466659

  • Packet Forwarding Engine error logs (prds_packet_classify_notification: Failed to find fwd nh for flabel 48) might be reported when IGMP packets get sampled on the PTX5000 platform. PR1466995

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

  • Incorrect counter value for Arrival rate and Peak rate for DDoS commands. PR1470385

  • Traffic loops for pure Layer 2 packets coming over an EVPN tunnel with the destination MAC address matching the IRB MAC address. PR1470990

  • The input-vlan-map or output-vlan-map might not work properly in a Layer 2 circuit local-switching scenario. PR1474876

Infrastructure

  • The kernel crashes when removing a mounted USB storage device while a file is being copied to it. PR1425608

  • Slow response from SNMP might be observed after an upgrade to Junos OS Release 19.2R1 and later. PR1462986

Interfaces and Chassis

  • After member interface flapping, the aggregated Ethernet remains down on the 5-port 100-Gigabit Ethernet DWDM CFP2-ACO PIC. PR1429279

Layer 2 Ethernet Services

  • Member links state might be asychronized on a connection between the PE and CE devices in EVPN A/A scenario. PR1463791

MPLS

  • Kernel crash and device restart might happen. PR1478806

Routing Protocols

  • SSH login might fail if a user account exists in both local database and RADIUS or TACACS+. PR1454177

  • The other querier present interval timer cannot be changed in an IGMP/MLD snooping scenario. PR1461590

  • The rpd process might crash with BGP multipath and route withdrawal occasionally. PR1481589

Documentation Updates

This section lists the errata and changes in Junos OS Release 20.1R1 documentation for the PTX Series.

Dynamic Host Configuration Protocol (DHCP)

  • Introducing DHCP User Guide—Starting in Junos OS Release 20.1R1, we are introducing the DHCP User Guide for Junos OS routing, switching, and security platforms. This guide provides basic configuration details for your Junos OS device as DHCP Server, DHCP client, and DHCP relay agent.

    [See DHCP User Guide.]

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the PTX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading to Release 20.1

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

Back up the file system and the currently active Junos OS configuration before upgrading Junos OS. This allows you to recover to a known, stable environment if the upgrade is unsuccessful. Issue the following command:

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Installation and Upgrade Guide.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 20.1R1:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://support.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the release number (the number of the software version that you want to download) from the Release drop-down list to the right of the Download Software page.
  4. Select the Software tab.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the router.Note

    We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

    All customers except the customers in the Eurasian Customs Union (currently composed of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package:

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-20.1R1.9.tgz

    Customers in the Eurasian Customs Union (currently composed of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package (limited encryption Junos OS package):

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-20.1R1.9-limited.tgz

    Replace the source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

You need to install the Junos OS software package and host software package on the routers with the RE-PTX-X8 Routing Engine. For upgrading the host OS on this router with VM Host support, use the junos-vmhost-install-x.tgz image and specify the name of the regular package in the request vmhost software add command. For more information, see the VM Host Installation topic in the Installation and Upgrade Guide.

Note

After you install a Junos OS Release 20.1jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Note

Most of the existing request system commands are not supported on routers with RE-PTX-X8 Routing Engines. See the VM Host Software Administrative Commands in the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.4, 18.1, and 18.2 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://support.juniper.net/support/eol/software/junos/.

Upgrading a Router with Redundant Routing Engines

If the router has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation as follows:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.