Junos OS Release Notes for EX Series
These release notes accompany Junos OS Release 20.2R1 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.
Learn about new features introduced in this release for EX Series Switches.
The following EX Series switches are supported in Release 20.2R1: EX2300, EX2300-C, EX3400, EX4300, EX4600, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.
Authentication, Authorization, and Accounting
Retain the authentication session based on DHCP or SLAAC snooping entries (EX2300, EX3400, and EX4300)—Starting in Junos OS Release 20.2R1, you can configure the authenticator to check for a DHCP, DHCPv6, or SLAAC snooping entry before terminating the authentication session when the MAC address ages out. If a snooping entry is present, the authentication session for the end device with that MAC address remains active. This ensures that the end device will be reachable even if the MAC address ages out.
802.1X authentication with EVPN-VXLAN (EX4300-48MP and EX4300-48MP Virtual Chassis)—Starting in Junos OS Release 20.2R1, EX4300-48MP switches that act as access switches can use 802.1X authentication to protect an EVPN-VXLAN network from unauthorized end devices. EX4300-48MP switches support the following 802.1X authentication features on access and trunk ports:
Access ports: single, single-secure, and multiple supplicant modes
Trunk ports: single and single-secure supplicant modes
Dynamic firewall filters
Port bounce with Change of Authorization (CoA) requests
MAC RADIUS client authentication
Central Web Authentication (CWA) with redirect URL
Captive portal client authentication
Flexible authentication with fallback scenarios
[See 802.1X Authentication.]
Support for firewall filtering on EVPN-VXLAN traffic (EX4300-MP)—Starting with Junos OS Release 20.2R1, you can configure firewall filters and policers on the VXLAN traffic in an EVPN network (EVPN-VXLAN traffic). You set the rules that the devices uses to accept or discard packets by defining the terms for a firewall filter. For filters that you would apply to a port or VLAN, configure firewall filters at the [edit firewall family ethernet-switching] hierarchy level. For filters that you would apply to an IRB interface, configure firewall filters at the [edit firewall family inet] hierarchy level. After a firewall filter is defined, you can then apply it at an interface.
Noncolored SR-TE LSPs with EVPN-MPLS (ACX5448, EX9200, MX Series, and vMX)—Starting in Junos OS Release 20.2R1, ACX5448, EX9200, MX Series, and vMX routers support noncolored static segment routing-traffic engineered (SR-TE) label-switched paths (LSPs) with an EVPN-MPLS core network and the following Layer 2 services running at the edges of the network:
EVPN-VPWS with E-Line
Without color, all LSPs resolve using a BGP next hop only.
The Juniper Networks routers support noncolored SR-TE LSPs in an EVPN-MPLS core network with the following configurations:
EVPN running in a virtual switch routing instance
Multihoming in active/active and active/standby modes
The Juniper Networks routers also support noncolored SR-TE LSPs when functioning as a Data Center Interconnect (DCI) device that handles EVPN Type 5 routes.
MAC filtering, storm control, and port mirroring support in EVPN-VXLAN overlay networks (EX4300-48MP)—Starting with Junos OS Release 20.2R1, EX4300-48MP switches support the following features in an EVPN-VXLAN overlay network:
Port mirroring and analyzers
Layer 2 and 3 families, encapsulation types, and VXLAN on the same physical interface (EX4600)—Starting in Junos OS Release 20.2R1, you can configure and successfully commit the following on a physical interface of an EX4600 switch in an EVPN-VXLAN environment:
Layer 2 bridging (family ethernet-switching) on any logical interface unit number (unit 0 and any nonzero unit number).
VXLAN on any logical interface unit number (unit 0 and any nonzero unit number).
Layer 2 bridging (family ethernet-switching and encapsulation vlan-bridge) on different logical interfaces (unit 0 and any nonzero unit number).
Layer 3 IPv4 routing (family inet) and VXLAN on different logical interfaces (unit 0 and any nonzero unit number).
For these configurations to be successfully committed and work properly, you must specify the encapsulation flexible-ethernet-services configuration statements at the physical interface level—for example, set interfaces xe-0 /0/5 encapsulation flexible-ethernet-services.
High Availability (HA) and Resiliency
Support for failover configuration synchronization for the ephemeral database (EX Series, MX Series, MX Series Virtual Chassis, PTX Series, and QFX Series)—Starting in Junos OS Release 20.2R1, when you configure the commit synchronize statement at the
[edit system]hierarchy level in the static configuration database of an MX Series Virtual Chassis or dual Routing Engine device, the backup Routing Engine will synchronize both the static and ephemeral configuration databases when it synchronizes its configuration with the master Routing Engine. This happens, for example, when a backup Routing Engine is newly inserted, comes back online, or changes mastership. On a dual Routing Engine system, the backup Routing Engine synchronizes both configuration databases with the master Routing Engine. In an MX Series Virtual Chassis, the master Routing Engine on the protocol backup synchronizes both configuration databases with the master Routing Engine on the protocol master.
Juniper Extension Toolkit (JET)
Python 3 support for JET (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.2R1, Junos OS can use Python 3 to execute JET scripts. To enable unsigned JET Python applications that support Python 3 to run on devices running Junos OS, use the set system scripts language python3 command.
Junos OS XML, API, and Scripting
[See REST API Guide.]
Junos Telemetry Interface
Network instance (policy) statistics and OpenConfig configuration enhancements on JTI (ACX1100, ACX2100, ACX5448, ACX6360, EX4300, MX240, MX480, MX960, MX10003, PTX10008, PTX10016, QFX5110, and QFX10002)—Junos OS Release 20.2R1 provides enhancements to support the OpenConfig data models
Support for OpenConfig configuration model version 4.0.1 for BGP with JTI (EX2300, EX3400, EX4300, EX4600, and EX9200)— Junos OS Release 20.2R1 provides support for the OpenConfig version 4.0.1 data models
openconfig-bgp-policy.yangusing Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Using JTI and gRPC services, you can stream telemetry statistics to an outside collector.
The following major resource paths are supported with gRPC and JTI:
Support for OpenConfig configuration model version 1.0.0 for local routing with JTI (EX2300, EX3400, EX4300, EX4600, and EX9200)— Junos OS Release 20.2R1 provides support for the OpenConfig version 1.0.0 data model
openconfig-local-routing.yangusing Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Using JTI and gRPC services, you can stream telemetry statistics to an outside collector.
The following major resource paths are supported with gRPC and JTI:
Packet Forwarding Engine and Routing Engine sensor support with JTI (EX2300, EX2300-MP, and EX3400)—Starting in Junos OS Release 20.2R1, you can use Junos telemetry interface (JTI) with remote procedure call (gRPC) services to export Packet Forwarding Engine statistics and Routing Engine statistics from EX2300, EX2300-MP, and EX3400 switches to an outside collector. These statistics can also be exported through UDP (native) sensors.
Supported Packet Forwarding Engine sensors are:
Sensor for CPU (ukernel) memory (resource path
Sensor for firewall filter statistics (resource path
Sensor for physical interface traffic (resource path
Sensor for logical interface traffic (resource path
/junos/system/linecard/interface/logical/usage/). Not supported on EX2300 or 2300-MP switches.
Sensor for software-polled queue-monitoring statistics (resource path
/junos/system/linecard/qmon-sw/). Not supported on EX2300 or 2300-MP switches.
Supported Routing Engine sensors are:
Sensor for LACP state export (resource path
Sensor for chassis environmentals export (resource path
Sensor for chassis components export (resource path
Sensor for LLDP statistics export (resource path
Sensor for BGP peer information export (resource path
/network-instances/network-instance/protocols/protocol/bgp/). Not supported on EX2300 or 2300-MP switches.
Sensor for RPD task memory utilization export (resource path
Sensor network discovery ARP table state (resource path
Sensor for network discovery NDP table state (resource path
Layer 2 Features
L2PT support (EX4650 and QFX5120-48Y switches, and QFX5100 and QFX5110 switches and Virtual Chassis)—Starting in Junos OS Release 20.2R1, you can configure Layer 2 protocol tunneling (L2PT) to tunnel any of the following Layer 2 protocols: CDP, E-LMI, GVRP, IEEE 802.1X, IEEE 802.3AH, LACP, LLDP, MMRP, MVRP, STP (including RSTP and MSTP), UDLD, VSTP, and VTP.
[See Layer 2 Protocol Tunneling.]
Static multicast route leaking for VRF and virtual router instances (EX4650 and QFX5120-48Y)—Starting with Junos OS Release 20.2R1, you can configure the switch to statically share (leak) IPv4 multicast routes for IGMPv3 (S,G) traffic among different virtual router or virtual routing and forwarding (VRF) instances. You can only leak static multicast routes per group, not per source and group. The destination prefix length must be 32.
To configure multicast route leaking to the VRF or virtual router instance routing-instance-name, configure the next-table routing-instance-name.inet.0 statement at the [edit routing-instances routing-instance-name routing-options static route destination-prefix/32] hierarchy level.
Multicast-only fast reroute (MoFRR) (EX4650 and QFX5120-48Y)—Starting in Junos OS Release 20.2R1, you can configure MoFRR to minimize multicast packet loss in PIM domains when link failures occur. With MoFRR enabled, the switch maintains primary and backup traffic paths, forwarding traffic from the primary path and dropping traffic from the backup path. If the primary path fails, the switch can quickly start forwarding the backup path stream (which becomes the primary path). The switch creates a new backup path if it detects available alternative paths. MoFRR applies to all multicast (S,G) streams by default, or you can configure a policy for the (S,G) entries where you want MoFRR to apply.
Network Management and Monitoring
Python 3 support for YANG scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.2R1, Junos OS uses Python 3 to execute YANG action and translation scripts that are written in Python. Junos OS does not support using Python 2.7 to execute YANG Python scripts as of this release.
NETCONF sessions over outbound HTTPS (EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.2R1, the Junos OS with upgraded FreeBSD software image includes a Juniper Extension Toolkit (JET) application that supports establishing a NETCONF session using outbound HTTPS. The JET application establishes a persistent HTTPS connection with a gRPC server over a TLS-encrypted gRPC session and authenticates the NETCONF client using an X.509 digital certificate. A NETCONF session over outbound HTTPS enables you to remotely manage devices that might not be accessible through other protocols, for example, if the device is behind a firewall.
Routing Policy and Firewall Filters
Support for MPLS firewall filter on loopback interface (EX4650, QFX5120-32C, and QFX5120-48Y)—Starting with Junos OS Release 20.2R1, you can apply an MPLS firewall filter to a loopback interface on a Label switching router (LSR). For example, you can configure an MPLS packet with ttl=1 along with MPLS qualifiers such as label, exp, and Layer 4 tcp/udp port numbers. Supported actions include accept, discard, and count.
You configure this feature at the [edit firewall family mpls] hierarchy level. You can only apply a loopback filters on family mpls in the ingress direction.
Support for Layer 2 circuit, Layer 2 VPN, and VPLS services with BGP labeled unicast (MX Series, EX9204, EX9208, EX9214, EX9251, and EX9253 devices)—Starting with Junos OS Release 20.2R1, MX Series, EX9204, EX9208, EX9214, EX9251, and EX9253 devices support BGP PIC Edge protection for Layer 2 circuit, Layer 2 VPN, and VPLS (BGP VPLS, LDP VPLS and FEC 129 VPLS) services with BGP labeled unicast as the transport protocol. BGP PIC Edge using the BGP labeled unicast transport protocol helps to protect traffic failures over border nodes (ABR and ASBR) in multi-domain networks. Multi-domain networks are typically used in metro-aggregation and mobile backhaul networks designs.
A prerequisite for BGP PIC Edge protection is to program the Packet Forwarding Engine (PFE) with expanded next-hop hierarchy.
To enable BGP PIC Edge protection, use the following CLI configuration statements:
Expand next-hop hierarchy for BGP labeled unicast family:[edit protocols]user@host#set bgp group group-name family inet labeled-unicast nexthop-resolution preserve-nexthop-hierarchy;
BGP PIC for MPLS load balance nexthops:[edit routing-options]user@host#set rib routing-table-name protect core;
Fast convergence for Layer 2 circuit and LDP VPLS:[edit protocols]user@host#set l2circuit resolution preserve-nexthop-heirarchy;
Fast convergence for Layer 2 VPN, BGP VPLS, and FEC129:[edit protocols]user@host#set l2vpn resolution preserve-nexthop-heirarchy;
Software Installation and Upgrade
Zero touch provisioning (ZTP) with IPv6 support (EX3400, EX4300, QFX5100 and QFX5200 switches, MX-Series routers)—Starting in Junos OS Release 20.2R1, ZTP supports the DHCPv6 client. During the bootstrap process, the device first uses the DHCPv4 client to request for information regarding image and configuration file from the DHCP server. The device checks the DHCPv4 bindings sequentially. If there is a failure with one of the DHCPv4 bindings, the device will continue to check for bindings until provisioning is successful. If there are no DHCPv4 bindings, however, the device will check for DHCPv6 bindings and follow the same process as for DHCPv4 until the device can be provisioned successfully. Both DHCPv4 and DHCPv6 clients are included as part of the default configuration on the device.
The DHCP server uses DHCPv6 options 59 and 17 and applicable suboptions to exchange ZTP-related information between itself and the DHCP client.
Only HTTP and HTTPS transport protocols are supported EX3400, EX4300, QFX5100, and QFX5200 devices.
This feature is documented but not supported on EX3400, EX4300, QFX5100 and QFX5200 switches, and MX-Series routers in Junos OS Release 20.2R1.
[See Zero Touch Provisioning.]
Learn about what changed in this release for EX Series Switches.
Support for full inheritance paths of configuration groups to be built into the database by default (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting with Junos OS Release 20.2R1, the persist-groups-inheritance option at the [edit system commit] hierarchy level is enabled by default. To disable this option, use no-persist-groups-inheritance.
[See commit (System).]
Juniper Extension Toolkit (JET)
PASS keyword required for Python 3 JET applications (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—If you are writing a JET application using Python 3, include the PASS keyword in the Exception block of the script. Otherwise, the application throws an exception when you attempt to run it.
Updates to IDL for RIB service API bandwidth field (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The IDL for the RouteGateway RIB service API has been updated to document additional rules for the bandwidth field. You must set bandwidth only if a next hop has more than one gateway, and if you set it for one gateway on a next hop, you must set it for all gateways. If you set bandwidth when there is only a single usable gateway, it is ignored. If you set bandwidth for one or more gateways but not all gateways on a next hop, you see the error code BANDWIDTH_USAGE_INVALID.
[See Juniper EngNet.]
Network Management and Monitoring
Junos OS only supports using Python 3 to execute YANG Python scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.2R1, Junos OS uses Python 3 to execute YANG action and translation scripts that are written in Python. In earlier releases, Junos OS uses Python 2.7 to execute these scripts.
Learn about known limitations in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
Depending on the actual traffic pattern and the order in which the MACs are learned, the actual MAC DB scale may vary. This is due to the way the MACs are internally stored in the hardware. PR1485319
On EX-4300MP, 9000 IPv6 MC routes can be installed. If you try to add more IPv6 MC routes, error messages will be seen. PR1493671
Learn about open issues in Junos OS Release 20.2R1 for EX Series switches. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
Authentication and Access Control
When a 802.1X session terminates, an event denoting the same was not logged in single supplicant mode. As fix, a new event DOT1XD_USR_SESSION_DISCONNECTED is logged consistently whenever a session terminates irrespective of supplicant mode. DOT1XD_AUTH_SESSION_DELETED events still get generated too but only for multiple and single-secure supplicant modes (as per design). PR1512724
qmon-sw sensor is not supported in EX3400. PR1506710
Interfaces and Chassis
On GRES, VSTP port cost on aggregated Ethernet interfaces might get changed, leading to topology change. PR1174213
The same IP address could be configured on different logical interfaces from different physical interfaces in the same routing instance (including master routing instance), but only one logical interface was assigned with the identical address after commit. There was no warning during the commit, only syslog messages indicating incorrect configuration. PR1221993
Layer 2 Features
GARPs were being sent whenever there was a MAC (fdb) operation (add or delete). This is now updated to send GARP when the interface is up and l3 interface attached to the VLAN. PR1192520
Layer 2 Ethernet Services
If forward-only is set within dhcp-reply in a Juniper Networks device as a DHCP relay agent, the DHCP DECLINE packets that are broadcast from the DHCP client are dropped and not forwarded to the DHCP server. PR1429456
In a DHCP relay scenario, if the device (DHCP relay) receives a request packet with option 50 where the requested IP address matches the IP address of an existing subscriber session, such request packet would be dropped. In such a case, the subscriber might need more time to get IP address assigned. The subscriber might also remain in this state until its lease expires if it has previously bound with the address in the option 50. PR1435039
Platform and Infrastructure
EX3400/EX2300 upgrade may fail due to space and the system generates the following messages: /usr/libexec/ui/package: /var/tmp/mchassis-install.tgz: no such filePR1440122
On EX9208 switches, 33 percent degradation in MAC learning rate is seen in Junos OS Release 19.3R1 while comparing with Junos OS Release 18.4R1. PR1450729
On EX4300 platforms configured with ERP, after multiple devices reboot/restart at the same time, ERP might not revert back to the IDLE state. This issue might be seen in situations where the ERP node-id is not configured manually and after the restart, the default node-id (switch base MAC address) might get reset to 00:00:00:00:00:00, effectively causing multiple devices to have the same node-id. PR1461434
On MX series platforms, when a route's next-hop is an IRB interface with lt- as the underlying L2 interface, it is not getting programmed on PFE, resulting in packet drop. PR1494594
Chassis connection dropped often in AD-2 while when dot1x clients connect/disconnect. The issue is seen when dot1x clients connect/disconnect. PR1513274
After GRES, interfaces may flap due to which DHCP bindings may be lost. PR1515234
Craftd messages are generated on MX10003 and MX204 platforms. These platforms do not have a craft interface. Hence these errors are expected, and can safely be ignored. When Craftd daemon tries to open the device, it fails with a junk char in the fatal error message because the error no is not mapped to a string in the kernel code. The following messages are seen: Feb 20 01:49:38 MX craftd[xxxx]: craftd detected platform mx10002 Feb 20 01:49:38 MX craftd[xxxx]: LIBJSNMP_SA_IPC_REG_ROWS: ns_subagent_register_mibs: registering 1 rows Feb 20 01:49:38 MX craftd[xxxx]: fatal error, failed to open smb device: ,JÎÈ"" PR1359929
On an EX9208 switch, a few xe- interfaces are going down with the error if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840
Unicast RPF check in strict mode might not work properly. PR1417546
On the EX9214 device, if the MACsec-enabled link flaps after reboot, the error errorlib_set_error_log(): err_id(-1718026239) is observed. PR1448368
In overall commit time, the evaluation of mustd constraints is taking 2 seconds more than usual. This is because the persist-group-inheritance feature has been made a default feature in the latest Junos OS releases. Eventually, this feature helps improve the subsequent commit times for scaled configurations significantly. The persist-group-inheritance feature is useful in customer scenarios where groups and nested groups are used extensively. In those scenarios, the group inheritance paths are not built every time, thus subsequent commits are faster. This issue is seen only with a QFX platform or other low end devices. PR1457939
On EX4300 switches, when packets entering a port exceed a size of 144 bytes, they might get dropped in very few cases. PR1464365
While verifying Last-change op-state value through XML, rpc-reply message is inappropriate. PR1492449
When the NETCONF session is established over outbound ssh, the high rate of pushing the configuration to the ephemeral DB might result in flapping of the outbound SSH connection or a or memory leak issue. PR1497575
EX4300-48MP-EX4300-VC: This issue is very rarely seen and is Virtual Chassis specific. For the issue to get triggered, the Lag IRB interface where OSPF is stuck should be present in the Standby switch. The problem state is recovered by rebooting the master and switch is not seen again. PR1498903
LLDP packets are not acquired when native-vlan configured is same as tagged vlan-id. PR1504354
ECDSA256+SHA256 is not used for software integrity checking. PR1504211
This section lists the issues fixed in Junos OS Release 20.2R1 for EX Series switches.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
Authentication and Access Control
EX2300-48MP: Client did not receive captive-portal success page by downloading the ACL parameter as Authentication failed. PR1504818
The ESI of IRB interfaces does not get updated after an autonomous-system number change if the interface is down. PR1482790
The VXLAN function might be broken due to a timing issue after the change in PR 1495098. PR1502357
Kernel core files might be observed if you deactivate the daemon on EX2300/EX3400 platforms. PR1483644
Interfaces and Chassis
The MC-LAG configuration-consistency ICL configuration might fail after committing some changes. PR1459201
Executing commit might hang up due to a stuck dcd process. PR1470622
A stale IP address might be seen after a specific order of configuration changes under a logical-systems scenario. PR1477084
Junos Fusion Enterprise
SDPD core files found: vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry. PR1454335
Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209
Junos Fusion Satellite Software
Temperature sensor alarm is seen on EX4300 in a Junos fusion scenario. PR1466324
Layer 2 Features
The LLDP function might fail when a Juniper device connects to a non-Juniper one. PR1462171
EX4650/QFX5120: QinQ: The third VLAN tag is not pushed onto the stack and SWAP is being done instead. PR1469149
Traffic might be affected if composite next hop is enabled. PR1474142
Layer 2 Ethernet Services
Member links state might be asychronized on a connection between PE and CE devices in an EVPN active/active scenario. PR1463791
Issues with DHCPv6 relay processing Confirm and Reply packets. PR1496220
BGP session might keep flapping between two directly connected BGP peers because of the wrong TCP-MSS in use. PR1493431
Platform and Infrastructure
The IRB traffic might get dropped after mastership switchover. PR1453025
The switch might not be able to learn MAC addresses with dot1x and interface-mac-limit configured. PR1470424
EX4300: Input firewall filter attached to isolated or community VLANs not matching 802.1p bits on the VLAN header. PR1478240
MAC learning under bridge-domain stops after an MC-LAG interface flap. PR1488251
The NSSU upgrade might fail on EX4300 switches due to a storage issue in the
Traffic loss might be seen with framing errors or runts if MACsec is configured on EX4300. PR1502726
The MAC Pause frames will be incrementing in the Receive direction if half-duplex mode on 10-Mbps or 100-Mbps speed is configured. PR1452209
Link up delay and traffic drop might be seen on mixed SP L2/L3 and EP L2 type configurations. PR1456336
MAC addresses learned on RTG may not be aged out after the aging time. PR1461293
RTG link faces nearly 20 seconds down during backup node rebooting. PR1461554
The jdhcpd process might consume high CPU and no further subscribers can be brought up if there are more than 4000 DHCP relay clients in the MAC move scenario. PR1465277
FPCs might get disconnected from the EX3400 Virtual Chassis briefly after a reboot or an upgrade. PR1467707
Traffic loss might be seen with framing errors or runts if MACsec is configured on EX4600 or QFX5100 platforms. PR1469663
SSH session closes while checking for the show configuration | display set command for both local and nonlocal users. PR1470695
The shaping of CoS does not work after reboot. PR1472223
CoS 802.1p bits rewrite might not happen in Q-in-Q mode. PR1472350
DSCP marking might not work as expected if the fixed classifiers are applied to interfaces on QFX5000 or EX4600 platforms. PR1472771
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685
On EX4300, the output of show security macsec statisitics shows high values incorrectly. PR1476719
EX3400 me0 interface might remain down. PR1477165
The dhcpd process may crash in a Junos fusion environment. PR1478375
Trio based linecard might crash when there is bulk route update failure in a corner case. PR1478392
TFTP installation from loader prompt may not succeed on the EX Series devices. PR1480348
ARP request packets for an unknown host might get dropped in remote PE in EVPN-VXLAN scenario. PR1480776
On EX2300 switches, SNMP traps are not generated when the MAC addresses limit threshold is reached. PR1482709
Virtual Chassis ports might go down in a mixed Virtual Chassis setup of QFX5100-24Q-2P/EX4300 and EX4600/EX4300. PR1489985
DHCP binding fails while you verify DHCPv4 snooping functionality with P-VLAN with a firewall to block or allow certain IPv4 packets. PR1490689
Traffic loss could be observed in a mixed-Virtual Chassis setup of QFX5100 and EX4300. PR1493258
Traffic loss could be seen in an MC-LAG scenario on QFX5120 and EX4650. PR1494507
Traffic might get dropped if AE member interface is deleted/added or a SFP of the AE member interface is unplugged/plugged. PR1497993
BGP IPv4/IPv6 convergence and RIB install and delete time is degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121
MUX State in LACP interface does not go to collecting and distributing and remains attached after enabling the ae interface. PR1484523
FPC might go to "NotPrsnt" state after upgrading with non-TVP image in VC/VCF setup. PR1485612
The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes. PR1492743
Firewall filter could not work in certain conditions in an Virtual Chassis setup. PR1497133
User Interface and Configuration
umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device busy message is seen when Junos OS is upgraded with the validate option. PR1478291
There are no errata or changes in Junos OS Release 20.2R1 documentation for EX Series switches.
Migration, Upgrade, and Downgrade Instructions
This section contains the upgrade and downgrade support policy for Junos OS for EX Series switches. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 19.3, 19.4, and 20.1 are EEOL releases. You can upgrade from Junos OS Release 19.3 to Release 19.4 or from Junos OS Release 19.3 to Release 20.1.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see https://support.juniper.net/support/eol/software/junos/.