Junos OS Release Notes for EX Series Switches
These release notes accompany Junos OS Release 20.1R1 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.
Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.
The following EX Series switches are supported in Release 20.1R1: EX2300, EX2300-C, EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.
Routing traffic between a VXLAN and a Layer 3 logical interface (EX4650 and QFX5120)—Starting in Junos OS Release 20.1R1, EX4650 and QFX5120 switches support the routing of traffic between a Virtual Extensible LAN (VXLAN) and a Layer 3 logical interface. (You can configure the Layer 3 logical interface using the set interfaces interface-name unit logical-unit-number family inet address ip-address/prefix-length or the set interfaces interface-name unit logical-unit-number family inet6 address ipv6-address/prefix-length command.) This feature is enabled by default, so you do not need to take any action to enable it.
By default, this feature is disabled on QFX5110 switches. To enable the feature on QFX5110 switches, you must perform the configuration described in Understanding How to Configure VXLANs and Layer 3 Logical Interfaces to Interoperate.
Interfaces and Chassis
Support for static link protection on aggregated interfaces (EX4650, QFX5120-32C, and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, you can enable link protection on aggregated interfaces for a specified static label-switched path (LSP). You can designate a primary and a backup physical link to support link protection. Egress traffic passes only through the designated primary link. This traffic includes transit traffic and locally generated traffic on the router. When the primary link fails, traffic is routed through the backup link.
Junos OS XML, API, and Scripting
jcs:load-configurationtemplate supports loading the rescue configuration (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the
jcs:load-configurationtemplate supports the
rescueparameter to load and commit the rescue configuration on a device. SLAX and XSLT scripts can call the
jcs:load-configurationtemplate with the
rescueparameter set to
"rescue"to replace the active configuration with the rescue configuration.
Junos Telemetry Interface
MPLS and local routing sensor streaming support on JTI (EX2300, EX3400, EX4300, EX4600, and EX9200)—Junos OS Release 20.1R1 provides MPLS constrained-path Label Switched Paths (LSPs), RSVP-Traffic Engineering (RSVP-TE) and local routing statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Streaming statistics are sent to an outside collector at configurable intervals.
The following resource paths are supported:
Local routing (resource path
MPLS constrained-path LSPs and RSVP-TE (resource path
To provision the sensor to export data through gRPC services, use the telemetrySubscribe RPC.
Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.
JTI infrastructure support for (EX2300, EX2300-MP, and EX3400)—Junos OS Release 20.1R1 provides Junos telemetry interface (JTI) infrastructure support for EX2300, EX2300-MP, and EX3400 switches.
Layer 2 Features
Q-in-Q support on redundant trunk links using LAGs with link protection (EX4300-MP switches and Virtual Chassis)—Starting in Junos OS Release 20.1R1, Q-in-Q is supported on redundant trunk links (also called “RTGs”) using LAGs with link protection. Redundant trunk links provide a simple solution for network recovery when a trunk port on a switch goes down. In that case, traffic is routed to another trunk port, keeping network convergence time to a minimum.
Q-in-Q support on redundant trunk links on a LAG with link protection also includes support for the following items:
Configuration of flexible VLAN tagging on the same LAG that supports the redundant links configurations
Multiple redundant links configurations on one physical interface
PIM with IPv6 multicast traffic (EX4650 and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, EX4650 and QFX5120-48Y switches support Protocol Independent Multicast (PIM) with IPv6 multicast traffic as follows:
PIM sparse mode (PIM-SM), PIM dense mode (PIM-DM), and PIM sparse-dense mode (PIM-SDM)
PIM any-source multicast (PIM-ASM) and PIM source-specific multicast (PIM-SSM)
Static, embedded, and anycast rendezvous points (RPs)
[See PIM Overview.]
Routing Policy and Firewall Filters
Support for flexible-match-mask match condition (EX4650 and QFX-Series)—Starting with Junos OS Release 20.1R1, for EX4650, QFX5120-32C, and QFX5120-48Y switches, the flexible-match-mask match condition in firewall filters is supported for the inet, inet6, and ethernet-switching families. With this feature, you can configure a filter by specifying the length of the match (4 bytes maximum) starting from a Layer 2 or Layer 3 packet offset.
Storage and Fibre Channel
FIP snooping (EX4650-48Y and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, EX4650-48Y and QFX5120-48Y switches support Fibre Channel over Ethernet (FCoE) Initialization Protocol (FIP) snooping. With FIP snooping enabled on these switches, you prevent unauthorized access and data transmission to a Fibre Channel (FC) network by permitting only those servers that have logged in to the FC network to access the network. You enable FIP snooping on FCoE VLANs when the switch is being used as an FCoE transit switch that connects FC initiators (servers) on the Ethernet network to FCoE forwarders at the FC storage area network (SAN) edge.
Change status LED for network port to chassis beacon light (EX4300-48MP switch and EX4300-48MP Virtual Chassis)—By default, when a network port and its associated link are active, the status LED for that port blinks green 8 times per second. Starting in Junos OS Release 20.1R1, you can use the request chassis beacon command to slow down the current blinking rate to 2 blinks per second. The slower-blinking and steadier green light acts as a beacon that leads you to an EX4300-48MP switch or a particular port in a busy lab.
Using options with the request chassis beacon command, you can do the following for one or all network port status LEDs on a specified FPC:
Turn on the beacon light for:
5 minutes (default)
A specified number of minutes (1 through 120)
Turn off the beacon light:
After a specified number of minutes (1 through 120)
After the beacon light is turned off, the blinking rate for the network port’s status LED returns to 8 blinks per second.
[See request chassis beacon.]
Virtual Chassis support for up to four member switches (EX4650 switches)—Starting in Junos OS Release 20.1R1, you can interconnect up to four EX4650-48Y switches into a Virtual Chassis managed as a single device. The Virtual Chassis:
Contains only EX4650-48Y switches.
Has two member switches in Routing Engine role (master, backup) and the remaining members in linecard role.
Supports 40-Gigabit Ethernet or 100-Gigabit Ethernet QSFP28 ports on the front panel (ports 48 through 55) as Virtual Chassis ports (VCPs).
A EX4650-48Y Virtual Chassis with two to four members now also supports the following protocol features that were not previously supported on a two-member EX4650-48Y Virtual Chassis:
IEEE 802.1X authentication
Layer 2 port security features, including IP source guard, IPv6 router advertisement (RA) guard, DHCP, and DHCP snooping
Redundant trunk groups (RTG)
EX4650-48Y Virtual Chassis has limitations on protocol feature support compared to the standalone switch. The following protocol features are not supported:
Junos telemetry interface (JTI)
Multichassis link aggregation (MC-LAG)
Priority-based flow control (PFC)
Configuration and operation are the same as for other non-mixed EX Series and QFX Series Virtual Chassis.
[See Virtual Chassis Overview for Switches, 802.1X Authentication, MPLS Overview, DHCP Snooping, Understanding DHCP Snooping (ELS), Understanding IP Source Guard for Port Security on Switches, and Understanding IPv6 Router Advertisement Guard.]
Learn about what changed in Junos OS main and maintenance releases for EX Series.
Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the QFX5000 line of switches)—Starting in Junos OS Release 20.1R1, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps, pps, and packets do not provide valid statistics for multicast traffic at Layer 2.
Learn about known limitations in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
If Junos OS panics with a file-system-related panic, such as 'dup alloc', recovery through the OAM shell might be needed. From the OAM shell, run 'fsck' on the root volume until it is marked clean. Only at this point, it is safe to reboot to the normal volume. PR1444941
Platform and Infrastructure
The ge and mge ports have different color contrasts because of different vendors. PR1470312
Learn about open issues in Junos OS Release 20.1R1 for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
On an EX9208 switch, a few xe- interfaces are going down with the error if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840
On EX2300 and EX4650 switches, unicast RPF check in strict mode might not work properly. PR1417546
The time taken to install IPv4 or IPv6 routes into the FIB or delete them from the FIB is slowed down in Junos OS Release 19.3. Analysis shows that rpd learning rates are not degraded but RIB-to-FIB download rate is degraded. PR1441737
On an EX9214 switch, if the MACsec-enabled link flaps after reboot, the error errorlib_set_error_log(): err_id(-1718026239) is observed. PR1448368
In overall commit time, the evaluation of mustd constraints is taking 2 seconds more than usual. This is because the persist-group-inheritance feature has been made a default feature in the latest Junos OS releases. Eventually, this feature helps improve the subsequent commit times for scaled configurations significantly. The persist-group-inheritance feature is useful in customer scenarios where groups and nested groups are used extensively. In those scenarios, the group inheritance paths are not built every time, thus subsequent commits are faster. PR1457939
On EX4300 switches, when packets entering a port exceed a size of 144 bytes, they might get dropped in very few cases. PR1464365
Under certain conditions, FXPC core files might be generated when the Virtual Chassis reboots. Subsequently, the FXPC process comes up again and the Virtual Chassis is formed. PR1470185
Memory issues are seen while you do NSSU from earlier Junos OS Release to Junos OS Release 20.1R1. Manually cleanup the space and run the request system storage cleanup command. PR1494963
On EX3400 and EX2300 switches, during zero-touch provisioning (ZTP) with configuration and image upgrade with file transfer through FTP, image upgrade is successful, but sometimes VM core files might be generated. PR1377721
Junos Fusion Provider Edge
On a Junos fusion environment, intermediate traffic drop is seen between AD and SD when sFlow is enabled on an ingress interface. This issue is not seen always. When sFlow is enabled, the original packet gets corrupted for those packets that hit the sFlow filter. This is because a few packets transmitted from the egress interface of AD1 is short of FCS (4 bytes) + 2 bytes of data, due to which the drop occurs. It is seen that the normal data packets are of size 128 bytes (4 bytes FCS + 14 bytes Ethernet header + 20 bytes IP header + 90 bytes data), while the corrupted packet is 122 byte (14 bytes Ethernet header + 20 byte IP header + 88 bytes data). PR1450373
Junos Fusion Satellite Software
In Junos fusion SP setup, EX4300 acting as satellite devices is generating temperature sensor alarm on multiple satellite devices modules connected to same aggregation device. PR1466324
Layer 2 Ethernet Services
If forward-only is set within dhcp-reply in a Juniper Networks device as a DHCP relay agent, the DHCP DECLINE packets that are broadcasted from the DHCP client are dropped and not forwarded to the DHCP server. PR1429456
Multiprotocol Label Switching (MPLS)
In case the two directly connected BGP peers are established over MPLS LSP, if the IP layer's MTU is smaller than the MPLS layer's MTU and the BGP packets from the host have the DF bit set, the BGP session might keep flapping because of the wrong TCP MSS in use. PR1493431
Platform and Infrastructure
On EX9208 switches, traffic loss is observed if ingress and egress ports are in different FPCs. PR1429714
On EX9208 switches, 33 percent degradation in MAC learning rate is seen in Junos OS Release 19.3R1 while comparing with Junos OS Release 18.4R1. PR1450729
MUX state of the LACP interface sometimes does not change when force-up is configured. PR1484523
During issue state, huge incorrect hold down value is displayed for the show route table inet6 prefix extensive command. This is a display issue and actual hold down value is 120 seconds (This can be seen from RIPng traces) and routes are being deleted after 120 seconds. PR1493033
Learn which issues were resolved in Junos OS main and maintenance releases for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
Authentication and Access Control
On EX4600 and EX4300 switches, MAC entry is missing in the Ethernet switching table for Mac-radius client in server fail scenario when tagged is sent for two client. PR1462479
Class of Service (CoS)
Shaping does not work after the reboot if shaping-rate is configured. PR1432078
The traffic is placed in network-control queue on an extended port even if it comes in with different DSCP marking. PR1433252
The rpd might crash after the EVPN-related configuration is changed. PR1467309
Forwarding and Sampling
Type 1 ESI/AD route might not be generated locally on the EVPN PE device in the all-active mode. PR1464778
The l2cpd process might crash and generate a core file when interfaces flap. PR1431355
MicroBFD flap is seen when a QSFP transceiver is inserted into other port. PR1435221
EX4600 Virtual Chassis does not come up after the Virtual Chassis port fiber connection is replaced with a DAC cable. PR1440062
MAC addresses learned on an RTG might not be aged out after a Virtual Chassis member reboots. PR1440574
Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for ingress traffic. PR1449568
On EX3400 switches with half-duplex mode on 10-Mbps or 100-Mbps speed at medium traffic egress, traffic flow might stop on the port and MAC pause frames will be incrementing in the receive direction. PR1452209
The l2ald and eventd processes are hogging 100 percent after the clear ethernet-switching table command is issued. PR1452738
A firewall filter might not be applied in a particular Virtual Chassis or Virtual Chassis Fabric member as TCAM is running out of space. PR1455177
Packet drop might be seen after removing and reinserting the SFP transceiver of the 40G uplink module ports. PR1456039
Link-up delay and traffic drop might be seen on mixed SP L2/L3 and EP L2 type configurations. PR1456336
The syslog timeout connecting to peer database-replication message is generated when the show version detail command is issued. PR1457284
Overtemperature SNMP trap messages appear after an update even though the temperature is within the system thresholds. PR1457456
The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic VoIP VLAN assignment is used. PR1458559
The FXPC process might crash due to several BGP IPv6 session flaps. PR1459759
On EX2300 and EX3400 switches, storage space limitation leads to image installation failure during phone home. PR1460087
MAC addresses learned on redundant trunk group (RTG) might not be aged out after the aging time if the source interface is configured as RTG. PR1461293
RTG link is down for nearly 20 seconds when the backup node is rebooting. PR1461554
Configuring any combination of VLANs and interfaces under VSTP/MSTP might cause the VSTP/MSTP-related configuration to fail. PR1463251
The Virtual Chassis function might be broken after an upgrade on EX2300 and EX3400 devices. PR1463635
A few command lines to disable MAC learning are not working. PR1464797
The jdhcpd might consume a high CPU and no further subscribers can be brought up if there are more than 4000 DHCP relay clients in the MAC move scenario. PR1465277
On EX2300 switches, an FXPC core file is seen after mastership election based on the user's priority. PR1465526
The broadcast and multicast traffic might be dropped over an IRB or a LAG interface in a Virtual Chassis scenario. PR1466423
The MAC move message might have an incorrect from interface when MAC moves rapidly. PR1467459
Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435
SSH session closes while you check the show configuration | display set command for both local and non-local users. PR1470695
EX3400 switch is advertising only 100 Mbps when a speed of 100 Mbps is configured with autonegotiation enabled. PR1471931
On EX4600 switches, the shaping of CoS does not work after reboot. PR1472223
On EX3400 switches, CoS 802.1p bits rewrite might not happen in Q-in-Q mode. PR1472350
The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685
The dhcpd process might crash in a Junos fusion environment. PR1478375
MX Series with MPCs/MICs based line-card might crash when there is a bulk route update failure in a corner case. PR1478392
TFTP installation from loader prompt might not succeed on EX Series devices. PR1480348
In an EVPN-VXLAN scenario, ARP request packets for an unknown host might be dropped in remote PE device. PR1480776
EX2300 switches might stop forwarding traffic or responding to the console. PR1442376
On EX4300 switches, the CLI configuration set chassis routing-engine on-disk-failure disk-failure-action (reboot | halt) is not supported. PR1450093
EX Series switches might not come up properly after reboot. PR1454950
On EX4600 and EX4300 Virtual Chassis, error messages related to soft reset of port due to queue buffers being stuck could be seen. PR1462106
Traffic is dropped on an EX4300-48MP device acting as a leaf device in a Layer 2 IP fabric EVPN-VXLAN environment. PR1463318
EX3400 switches might reboot because of lack of watchdog patting. PR1469400
In an EX2300 Virtual Chassis scenario, continuous dcpfe error messages and eventd process hog might be seen. PR1474808
Interfaces and Chassis
VRRPv6 state is flapping with init and idle states after configuring vlan-tagging. PR1445370
Traffic might be forwarded to incorrect interfaces in an MC-LAG scenario. PR1465077
Executing commit might become unresponsive due to stuck device control process. PR1470622
Junos Fusion Enterprise
Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209
Junos Fusion Satellite Software
In Junos fusion for enterprise, the dpd crash might be observed on satellite devices running SNOS. PR1460607
Layer 2 Features
MAC or ARP learning might not work for copper base SFP-T transceivers on EX4600 switches. PR1437577
The Link Layer Discovery Protocol (LLDP) function might fail when a Juniper device connects to a non-Juniper device. PR1462171
After rebooting, an FXPC core file might be seen when committing the configuration. PR1467763
Traffic might be affected if composite next-hop is enabled. PR1474142
Layer 2 Ethernet Services
Member links state might be asynchronized on a connection between PE and CE devices in an EVPN A/A scenario. PR1463791
Platform and Infrastructure
NSSU causes traffic loss again after the backup to master transitions. PR1448607
In a Virtual Chassis scenario, the IRB traffic might get dropped after master switchover. PR1453025
The OSPF neighbor might go down when mDNS/PTP traffic is received at a rate higher than 1400 pps. PR1459210
ERP might not revert to IDLE state after reload or reboot of multiple switches. PR1461434
On EX4300 Virtual Chassis, traffic loss might be observed longer than 20 seconds when performing NSSU. PR1461983
On EX2300 and EX3400 switches, the upgrade might fail as there is not enough space. PR1464808
On EX4300 switches, IGMP reports are dropped when mixed enterprise and service provider configuration styles are used. PR1466075
On EX4300 switches, an input firewall filter attached to isolated or community VLANs fails to match dot1p bits on the VLAN header. PR1478240
Virtual Chassis VRRP peer drops packets destined to the VRRP VIP after IRB is disabled. PR1491348
Host-destined packets with the filter log action might not reach the Routing Engine if log or syslog is enabled. PR1379718
On EX9208 platforms, BGP IPv4 or IPv6 convergence and RIB install or delete time are degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121
The other querier present interval timer cannot be changed in an IGMP/MLD snooping scenario. PR1461590
User Interface and Configuration
Problem with access to J-Web after updating from Junos OS Release 18.2R2 to Release 18.2R3. PR1454150
Error message umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device busy is seen when Junos OS is upgraded with the validate option. PR1478291
This section lists the errata and changes in Junos OS Release 20.1R1 documentation for the EX Series.
Dynamic Host Configuration Protocol (DHCP)
Introducing DHCP User Guide—Starting in Junos OS Release 20.1R1, we are introducing the DHCP User Guide for Junos OS routing, switching, and security platforms. This guide provides basic configuration details for your Junos OS device as DHCP Server, DHCP client, and DHCP relay agent.
[See DHCP User Guide.]
Migration, Upgrade, and Downgrade Instructions
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see https://support.juniper.net/support/eol/software/junos/.