Junos OS Evolved Release Notes for QFX5220 Devices
These release notes accompany Junos OS Evolved Release 20.1R2 for QFX5220-32CD and QFX5220-128C Switches. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
Learn about new features introduced in Junos OS Evolved Release 20.1R2 for the QFX5220.
What’s New in Junos OS Evolved Release 20.1R2
Recommendation to include the local-address statement when configuring IBGP and multihop EBGP—When a device peers with a remote device’s loopback interface address, use the local-address statement at the [edit protocols bgp group internal-peers] hierarchy to specify the source information in BGP update messages. Although a BGP session can be established when only one of the paired routing devices has local-address configured, we strongly recommend that you configure local-address on both paired routing devices for IBGP and multihop EBGP sessions. The local-address statement ensures that deterministic fixed addresses are used for the BGP session end-points.
What’s New in Junos OS Evolved Release 20.1R1
Forwarding and Sampling
Customizing hashing parameters and shared-buffer alpha values for better load balancing (QFX5220)—The QFX5220 switches achieve load balancing through the use of a hashing algorithm, which determines how to forward traffic over LAG bundles or to next-hop devices when ECMP is enabled. Starting with Junos OS Evolved Release 20.1R1, you can explicitly configure some hashing parameters to make hashing more efficient. The shared-buffer pool is a global memory space that all ports on the switch share dynamically as they need buffers. The switch uses the shared-buffer pool to absorb traffic bursts after the dedicated-buffer pool is exhausted. The shared-buffer pool threshold is dynamically calculated based on a factor called alpha. You can also specify the alpha, or dynamic threshold, value to determine the change threshold of shared buffer pools for both ingress and egress buffer partitions.
To specify hashing parameters:
user@switch# set forwarding-options enhanced-hash-key hash-parameters (ecmp | lag)
To specify a threshold value for a particular queue:
user@switch# set class-of-service shared-buffer (ingress | egress) buffer-partition buffer dynamic-threshold value
View ARP table entries and IPv6 neighbor information (QFX5220)—Starting in Junos OS Evolved Release 20.1R1, on QFX5220 switches, you can view the following:
Address Resolution Protocol (ARP) details such as the next-hop reference count and the next-hop current state, using the commands show arp reference-count and show arp state.
IPv6 neighbor cache information, using the following commands: show ipv6 neighbors flags, show ipv6 neighbors host, show ipv6 neighbors interface interface-name, show ipv6 neighbors reference-count, show ipv6 neighbors vpn vpn-name.
Support for running applications signed by users (PTX10003, PTX10008, QFX5220)—Starting with Junos OS Evolved Release 20.1R1, root users can generate signing keys which can be used to sign Linux applications and allow them to run on your device.
Signing keys are stored in the system-keystore by using the following CLI command: request security system-keystore import key-name key-name private-key key-path x509-cert certificate-path. Once a key is stored in the system-keystore, it can be used to sign a file with the following CLI command: request security integrity measure file file-name key key-name.
Interfaces and Chassis
Support for dynamic load balancing (QFX5220)—In Junos OS Evolved Release 20.1R1, QFX5220 switches support dynamic load balancing (DLB) for ECMP. DLB is an enhancement to static load balancing. DLB considers member bandwidth utilization along with packet content for member selection.
You can use the following DLB modes to load-balance traffic:
To configure DLB for ECMP, include the ecmp-dlb statement at the [edit forwarding-options enhanced-hash-key] hierarchy level.
You cannot configure both DLB and resilient hashing at the same time.
Junos OS XML API and Scripting
jcs:load-configurationtemplate supports loading the rescue configuration (PTX Series and QFX Series)—Starting in Junos OS Evolved Release 20.1R1, the
jcs:load-configurationtemplate supports the
rescueparameter to load and commit the rescue configuration on a device. SLAX and XSLT scripts can call the
jcs:load-configurationtemplate with the
rescueparameter set to
"rescue"to replace the active configuration with the rescue configuration.
Requests library support in Python scripts (QFX5220-32CD and QFX5220-128C)—Starting in Junos OS Evolved Release 20.1R1, QFX5220 switches support the Requests library, an HTTP library for Python. Python scripts can import the
requestsmodule to send HTTP/1.1 requests. The Requests library provides additional methods for supporting initial deployments as well as for performing routine monitoring and configuration changes on devices running Junos OS Evolved.
Support for multicast forwarding (QFX5220-32CD and QFX5220-128C)—Starting with Junos OS Evolved Release 20.1R1, the following multicast features are supported:
IPv4 and IPv6 multicast
Internet Group Management Protocol (IGMP)
Multicast Listener Discovery (MLD)
Protocol Independent Multicast source-specific multicast (PIM SSM)
Protocol Independent Multicast sparse mode (PIM SM)
Support does not extend to features beyond those listed above. That is, in this release, IGMP snooping, MLD snooping, MVPN Multicast, PIM MoFRR, PIM First Hop router (FHR), Rendezvous point (RP), and Last Hop Router (LHR) are not supported. In addition, IRB interface is not supported as either a source or receiver, and make before break (MBB) is not supported for existing layer 3 Aggregated Ethernet (AE) and link aggregation group (LAG) receivers (member addition/deletions or up/downs).
[See Multicast Routing Protocols ].
Network Management and Monitoring
Support for running a Puppet agent as a Docker container (PTX10003-80C, PTX10003-160C, QFX5220-32CD, and QFX5220-128C)—Starting in Release 20.1R1, devices running Junos OS Evolved support running a Puppet agent as a Docker container. As an alternative to using the Puppet agent that is integrated into the Junos OS Evolved software image, you can use the Puppet agent Docker container provided by Juniper Networks. Using the container enables you to use standard Docker tools to manage the container and mount or unmount the Puppet agent as needed.
Support for running a Chef client as a Docker container (PTX10003-80C, PTX10003-160C, QFX5220-32CD, and QFX5220-128C)—Starting in Release 20.1R1, devices running Junos OS Evolved support running a Chef client as a Docker container. As an alternative to using the Chef client that is integrated into the Junos OS Evolved software image, you can use the Chef client Docker container provided by Juniper Networks. Using the container enables you to use standard Docker tools to manage the container and mount or unmount the Chef client as needed.
[See Deploying Chef for Junos OS.]
Routing Policy and Firewall Filters
Support for 2000 egress firewall filters (QFX5220)—Starting in Junos OS Evolved Release 20.1R1, you can configure up to 2000 VLAN firewall filters on the QFX5220 switch. This feature is supported only in the egress direction (traffic exiting the VLAN). To configure, include the egress-scale option under the eracl-profile statement at the [edit system packet-forwarding-options firewall] hierarchy level.
Software Installation and Upgrade
Zero touch provisioning using WAN interfaces (QFX5220-32CD)—Starting in Junos OS Evolved Release 20.1R1, Zero Touch Provisioning (ZTP) uses either WAN interfaces or the management interface to automatically download and install the appropriate software and the configuration file on your device during the bootstrap process.
ZTP starts with the management interface, and if it does not receive the minimal set of DHCP parameters, it will then try any of the interfaces that has WAN links that are up. If none of the interfaces provide a minimal set of DHCP parameters, ZTP retries the process again.
[See Zero Touch Provisioning.]
Support for asynchronous notifications, SIOCETHTOOL iotcl, and multipath routes (QFX Series)—Junos OS Evolved Release 20.1R1 supports the following features:
Use the set system netlink-async-mode configuration to enable NETLINK_ROUTE asynchronous notifications. This feature is disabled by default. Use show nsld mode to show the current netlink asynchronous mode.
SIOCETHTOOL ioctl, which can be used by other applications.
Multipath next-hop route information through netlink route attributes.
Support for curl binary on Junos OS Evolved (QFX Series)—The curl binary is a command-line utility, used from the shell, that you can use to perform operations over several transport protocols including FILE, FTP, HTTP, and SMTP. The curl binary can improve your workflow by making it much easier to gather information about a device. Junos OS Evolved Release 20.1R1 supports curl version 7.50.1 and libcurl version 7.50.1.
Spanning Tree Protocols
Spanning-Tree Protocol (STP), Rapid Spanning-Tree Protocol (RSTP), Multiple Spanning-Tree Protocol (MSTP), and VLAN Spanning-Tree Protocol (VSTP) support (QFX5220)—Starting in Junos OS Evolved Release 20.1R1, You can use STP, RSTP, MSTP, and VSTP to provide Layer 2 loop prevention.
Support for system log notifications over MQTT when configuring JET applications (PTX10003, PTX10008, and QFX5220)—Starting in Junos OS Evolved Release 20.1R1, you can configure JET applications by using the CLI and then enable the applications to subscribe to system log events. The Junos OS Evolved eventd process sends system log notifications to the event broker. The broker then sends the notifications formatted as JSON messages to the JET application over the Message Queuing Telemetry Transport (MQTT) protocol.
To enable a JET application to subscribe to system log events, configure the extension-service statement at the [edit system extensions] hierarchy level. You can manage the JET application by using commands at the [edit system extensions] and [edit system services extension-service] hierarchy levels.
Boundary clock and enterprise profile support for Precision Time Protocol (PTP) (QFX5220 devices)—Starting in Junos OS Evolved Release 20.1R1, the enterprise profile, which is based on PTPv2, provides the ability for enterprise and financial markets to timestamp on different systems and to handle a range of latency and delays.
The enterprise profile supports the following options:
IPv4 multicast transport
512 downstream slave clocks
You can enable the enterprise profile at the [edit protocols ptp profile-type] CLI hierarchy.
Precision Time Protocol (PTP) transparent clock (QFX5220)—Starting in Junos OS Release 20.1R1 EVO, you can use a transparent clock to update the PTP packets with the residence time as the packets pass through the switch. There is no master/slave designation. The switches support end-to-end transparent clocks, which include only the residence time. The transparent clock can update the residence time in a one-step process, which means it sends the timestamps in one packet.
To use a transparent clock, enable the e2e-transparent statement at the [edit protocols ptp].
Packet Timestamping using PTP Reference Clock (QFX5220)—Starting in Junos OS Evolved Release 20.1R1, flow-based packets are timestamped with the recovered PTP clock. Packet timestamping is supported on family ethernet-switching, inet and inet6.
Learn about what changed in Junos OS Evolved Release 20.1R2 for the QFX5220.
Changes in CLI Statements and Commands
To see the list of CLI statements and commands changed in Junos OS Evolved, see How Junos OS Evolved Differs from Junos OS in the Introducing Junos OS Evolved Guide.
What’s Changed in Junos OS Evolved Release 20.1R2
Support for full inheritance paths of configuration groups to be built into the database by default (PTX10003 PTX10008, and QFX5220)—Starting with Junos OS Evolved Release 19.3R1, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To disable this option, use no-persist-groups-inheritance.
[See commit (System).]
What’s Changed in Junos OS Evolved Release 20.1R1
Interfaces and Chassis
Modified Ethernet interface configuration (PTX10003, PTX10008, and QFX5220)—Starting in Junos OS Evolved Release 20.1R1, you’ll no longer see the gigether-options statement at the [edit interfaces interface-name] hierarchy level. To configure Ethernet interfaces and link aggregation groups (LAGs), use the set interfaces interface-name ether-options command instead.
The following options are added to the ether-options statement:
Junos Telemetry Interface (JTI)
LLDP ON_CHANGE statistics support with JTI (PTX Series, QFX Series)—Enhanced telemetry ON_CHANGE event support provides the following LLDP attributes: - When LLDP is enabled on interfaces, LLDP interface counters are notified along with other interface-level attributes. - ON_CHANGE event reports LLDP neighbor age and custom TLVs, as well as when a neighbor is initially discovered
Removal of show system queues command (PTX10003, PTX10008, and QFX5220)—Starting in Junos OS Evolved Release 20.1R1, you'll no longer be able to use the show system queues command because the information in the command output is not relevant.
Learn about limitations in this release for the QFX5220. For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.
Interfaces and Chassis
The show interfaces command to view traffic statistics does not show any traffic statistics for IPv6. PR1421685
When PTP is enabled or disabled, the interface flaps momentarily while the PTP state is applied. PR1487043
Learn about open issues in this release for the QFX5220. For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.
Routing Policy and Firewall Filters
QFX5220 does not support the following matches which were supported on QFX5200: first-fragment, tcp-established, Is-fragment, and Hop-limit. PR1499009
Keychain authentication configuration is not supported on Junos OS Evolved platforms. PR1490351
The virtual-router option is not supported under routing-instance in lean rpd image. PR1494029
Differences in XML tags for show system virtual-memory. PR1438110
PTP-FPGA access error displayed as PTP-FPGA is not initialized. PR1457094
switch-options configuration not available on lean RPD images. PR1457825
When the SSH service is configured with certain key-exchange algorithms, the SSH server becomes unresponsive. For example: set system services ssh key-exchange dh-group1-sha1 PR1467467
On QFX5220 platforms with Junos OS Evolved images, when the lo0 firewall filter (inet/inet6) is used, Layer 3 forwarding traffic might be discarded by the lo0 filter. PR1475620
show firewall cli shows error error: communication failure with /re0/evo-pfemand/ when unique filter is applied over all physical interfaces. PR1499294
ACL is not getting applied to ingress when single filter is applied to both input and output direction of intf simultaneously. PR1501015
When changing a physical interface from vlan-id-list to multiple single vlan ids or vlan-id-lists that fall within the original vlan range, we may see one or more of the new physical interfaces not notified. For example, in the current commit we have the following configuration set interfaces ae100 unit 1 vlan-id-list 1-100, in the next commit we do the following set interfaces ae100 unit 1 vlan-id 1 set interfaces ae100 unit 2 vlan-id 2. We may see that one of the two physical interfaces is not notified. PR1504374
DHCPv6 clients may fail to bind after the dhcp-relay configuration is deleted and and then quickly re-added a short time later in a given routing instance. PR1505993
User Interface and Configuration
On QFX5220-32CD, VLANs between 3968 to 4095 are reserved for Layer 3 interfaces by default. So, these VLANs cannnot be used for Layer 2 interfaces. As of now there is no commit check added for this purpose. You need to take care of this while configuring VLANs for Layer 2. PR1423468
Learn which issues were resolved in Junos OS Evolved Release 20.1R2 for the QFX5220.
For the most complete and latest information about known Junos OS defects, use the Juniper online Junos Problem Report Search application.
Class of Service (CoS)
cosd anomolies are observed after commiting the EBGP baseline configuration. PR1494573
fibd core files can be seen after commit when vlan-id of a vlan is changed. PR1497790
Interfaces and Chassis
ET interface linklocal self ping is not working.PR1476971
Platform and Infrastructure
A specific IPv4 packet can lead to FPC restart. (CVE-2020-1638) PR1493176
Sometimes dhclient generates a core file during ZTP retry when the dhclient process is exiting. PR1460906
Failed to start MGD initialization of schema and database while upgrade from Junos OS Evolved Release 19.3R2.1 to Junos OS Evolved Release 19.4-202002240046.0 ] >>> mgd-init service fails due to clksyncd failure. PR1491803
cmdd crashes when the invoked request system shutdown reboot disk1 command is run. PR1492955
Interface is not part of the member VLAN when configured. PR1495207
QFX5220-32 and QFX5220-128C: evo-pfemand core file is seen if a loopback filter is applied with input-list and after the switch is rebooted. PR1497909
User Interface and Configuration
Observed error The command-handler subsystem is not responding to management requests while upgrading from Junos OS Evolved 19.3R2.1 to Junos OS Evolved 19.4R2.3. PR1499018