Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for NFX Series

 

These release notes accompany Junos OS Release 20.1R1 for the NFX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os

What’s New

Learn about new features introduced in the Junos OS main and maintenance releases for NFX Series.

Note

For information about NFX product compatibility, see NFX Product Compatibility.

Application Security

  • AppQoE support for granular APBR rules (NFX Series devices)—Starting in Junos OS Release 20.1R1, AppQoE utilizes the granular rule matching functionality of advanced policy-based routing (APBR) for better quality of experience (QoE) for the application traffic.

    In Junos OS Release 18.2R1, APBR supported configuring policies by defining source addresses, destination addresses, and applications as match conditions. After a successful match, the configured APBR profile is applied as an application services for the session. In this release, AppQoE leverages the APBR enhancement and selects the best possible link for the application traffic as sent by APBR to meet the performance requirements specified in SLA.

    [See Application Quality of Experience.]

  • Default mechanism to forward the traffic through APBR rule (NFX Series devices)—Starting in Junos OS 20.1R1, you can configure a APBR rule by specifying the dynamic application match criteria with any keyword. This provides a default mechanism to forward the traffic to a specific next-hop device or to a destination if the traffic matches any dynamic application.

    [See Advanced Policy-Based Routing.]

  • Custom application enhancements (NFX Series devices)—Starting in Junos OS Release 20.1R1, we have enhanced the customer application signature functionality by providing a new set of applications and contexts.

    Application identification allows you to create custom application signatures to detect applications specific to your network environment. You can create custom application signatures for applications based on ICMP, IP protocol, IP address, and Layer7 or TCP/UDP stream. While configuring the custom application signatures, you must specify the context values that the device can use to match the patterns in the application traffic.

    Custom application signature contexts are part of application signature package. You must download and install the latest application signature package version 3248 or later to use new contexts for custom application signatures.

    [See Custom Application Signatures for Application Identification..]

Interfaces

  • Single-leg and Unidirectional Cross-connect— Starting in Junos OS Release 20.1R1, NFX Series devices support single-leg cross-connect and unidirectional cross-connect features.

    Single-leg cross-connect feature allows configuration of single entry in the cross-connect. The entry can be either VNF interface or a virtual interface. You can configure the other entry in the cross-connect at any later point of time.

    Unidirectional cross-connect feature allows the traffic to be forwarded conditionally or unconditionally in a single direction. Traffic flow in the opposite (other) direction follows the MAC-based forwarding rule.

    [See How to Configure NFX150..]

    [See How to Configure NFX250..]

    [See How to Configure NFX350..]

Virtual Network Functions (VNFs)

  • Virtual Router Reflector (VRR) Virtual Network Function (VNF) in Enhanced Orchestration (EO) mode— Starting in Junos OS Release 20.1R1, you can instantiate the Virtual Router Reflector (VRR) VNF on Enhanced Orchestration (EO) by using the JDM CLI configuration and without using the XML descriptor file. EO mode uses Open vSwitch (OVS) as NFV backplane for bridging the interfaces.

    [See How to Configure NFX250..]

What's Changed

Learn about what changed in the Junos OS main and maintenance releases for NFX Series.

Known Limitations

Learn about known limitations in Junos OS Release 20.1R1 for NFX Series devices.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Open Issues

Learn about open issues in Junos OS Release 20.1R1 for NFX Series devices.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Interfaces

  • When you issue a show interface command on NFX150 devices to check the interface details, the system will not check whether the interface name provided is valid or invalid. The system will not generate an error message if the interface name is invalid. PR1306191

  • On NFX150 and NFX250 NextGen devices, when you add, modify, or delete a VNF interface that is mapped to an L2 or L3 data plane, kernel traces might be observed on the NFX Series device console. PR1435361

  • The heth-0-4 and heth-0-5 ports do not detect traffic when you try to activate the ports by plugging or unplugging the cable. As a workaround, perform a link flap or enable or disable the interface using the CLI. PR1449278

Platform and Infrastructure

  • Jumbo frames are not supported through OVS on an NFX250 device. PR1420630

  • On an NFX250-LS1 device that is operating in Compute mode, the traffic throughput rate is be reduced with OVS cross-connect configuration. PR1438687

  • On an NFX Series device, an srxpfe core may be seen when you attempt to configure, reconfigure, or delete the dual VF mappings on the device. PR1458452

Resolved Issues

Learn which issues were resolved in the Junos OS Release 20.1R1 for NFX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

High Availability

  • On an NFX150 high availability chassis cluster, the host logs updated in the system log messages might not show the correct time stamp. As a workaround, convert the UTC time stamp to local time zone. PR1394778

Interfaces

  • On NFX150 devices, no error is displayed when the commit fails after you configure native-vlan-id on an access VNF interface. PR1438854

  • On NFX Series devices, ping is not working between the cross-connected interfaces with interface deny-forwarding configuration. PR1442173

  • On NFX Series devices, the static MAC address is replaced by random MAC address. PR1458554

  • When traffic goes through vSRX3.0 platforms, core-dump files are generated and traffic is dropped. This issue might result in Packet Forwarding Engine being inactive and all interfaces being down. PR1465132

  • On NFX150 devices, GRE tunnel interface (gr-1/0/0) may not appear if clear-dont-fragment-bit option is configured for the GRE interface. As a workaround, remove the clear-dont-fragment-bit configuration from the GRE interface. PR1472029

  • On NFX350 devices, if you delete and add SXE interfaces, the SXE interface moves to Spanning Tree Protocol blocking (STP BLK) state, and the traffic drops on that interface. PR1475854

Mapping of Address and Port with Encapsulation (MAP-E)

  • On NFX Series devices, IP identification (IP ID) is not changed after MAP-E NAT44 is performed on fragment packets when the packets reach the customer edge (CE) device. To avoid this issue, you can configure the Border Relay (BR) device as follows:

    user@host# set services softwire softwire-concentrator map-e mape-domain-1 v4-reassembly
    user@host# set services softwire softwire-concentrator map-e mape-domain-1 v6-reassembly

    PR1478037

Platform and Infrastructure

  • On NFX Series devices, if there are any conditional groups, the l2cpd process might crash and generate a core dump when interfaces are flapping and the lldp neighbors are available. It might cause the dot1x process to fail and all the ports have a short interruption at the time of process crash. As a workaround, delete the conditional group in the device. PR1431355

  • Half duplex configuration on 1G ports is not supported when auto-negotiation is disabled. PR1453911

  • On NFX350 devices, if you execute the show vmhost mode command multiple times, JDM may crash and cause the show commands to stop working. PR1474220

  • After a power outage, JDMD is not responsive as the /etc/hosts file is corrupted on NFX250 devices. PR1477151

Routing Protocols

  • On NFX Series devices, changing the other querier present interval timer is not working on IGMP or MLD snooping device in the existing Bridge Domain (BD) or Listener Domain (LD). As a workaround, deactivate or activate the IGMP snooping via configuration or run the restart multicast-snooping command.PR1461590

Virtual Network Functions (VNFs)

  • On NFX150 and NFX250 NextGen devices, when two flowd interfaces are mapped to the same physical interface and if you delete the interface mapping to VF0, the traffic flow is disrupted. Even though the mapping is moved to VF0, the MAC address is not cleared in VF1, which disrupts the traffic. As a workaround, reboot the device, which resets the MAC address to the default value. PR1448595

  • On NFX150 devices, when you need to change the vmhost mappings of a particular NIC or NICs, you must delete the existing vmhost mapping and commit the configuration. Now you can configure the new mappings for the respective NICs. You cannot change the NIC vmhost mappings in the same commit to delete and add a new mapping to the heth NICs. PR1459885

  • NFX250 devices do not allow jdm (case-insensitive) as a VNF name. You can use jdm as a part of the name. For example, jdm123, abcJDM, abcJDM123 are valid VNF names, whereas, jdm, JDM, Jdm, JDm are not valid VNF names. PR1463963

  • On NFX350 devices, instantiating a VNF using XML descriptor files with interfaces mapped to VF does not work. PR1478456

Documentation Updates

There are no errata or changes in Junos OS Release 20.1R1 documentation for NFX Series.

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the NFX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Note

For information about NFX product compatibility, see NFX Product Compatibility.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information on EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

Basic Procedure for Upgrading to Release 20.1

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the device, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the device. For more information, see the Software Installation and Upgrade Guide.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 20.1R1:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://www.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the Software tab.
  4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the Download Software page.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the device or to your internal software distribution site.
  10. Install the new package on the device.