Junos OS Evolved Release Notes for QFX5130-32CD and QFX5220 Devices
These release notes accompany Junos OS Evolved Release 20.3R1 for QFX5130-32CD, QFX5220-32CD and QFX5220-128C Switches. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
What's New
Learn about new features introduced in Junos OS Evolved Release 20.3R1 for the QFX5130-32CD and QFX5220.
Hardware
New QFX5130-32CD Ethernet Switch (QFX series)—In Junos OS Evolved Release 20.3R1, we introduce the QFX5130-32CD switch. The QFX5130-32CD is a fixed configuration switch that provides a maximum bandwidth of 12.8 Tbps.
The QFX5130-32CD provides 32 QSFP56-DD user ports (32 ports of 400GbE or 64 ports of 200Gbe or 128 ports of 100Gbe) and 2 SFP+ (2 ports of 10Gbe) user ports.
Four models are available: two featuring AC power supplies and front-to-back or back-to-front airflow, and two featuring DC power supplies and front-to-back or back-to-front airflow.
To install the QFX5130-32CD switch hardware and perform initial software configuration, routine maintenance, and troubleshooting, see the QFX5130 Switch Hardware Guide.
Table 6 summarizes the QFX5130-32CD features supported in Junos OS Evolved Release 20.3R1.
Table 6: Features Supported by the QFX5130-32CD
Feature
Description
Class of service (CoS)
Support for CoS features. The QFX5130-32CD supports most class of service (CoS) features. 802.3X Ethernet PAUSE is not supported. Also, CoS flexible hierarchical scheduling (ETS) is not supported. MPLS EXP ingress packet classification and egress rewrite rules are also not supported. Classifiers and rewrite rules are applied to logical interfaces instead of physical interfaces.
[See CoS Support on QFX Series Switches, EX4600 Line of Switches, and QFabric Systems.]
DHCP
Support for DHCPv4 and DHCPv6 stateless relay. The DHCP relay agent is supported over L3 interfaces only. DHCP relay is not supported over IRB interfaces. [See DHCP Relay Agent.]
Firewalls and policers
Firewall filter support on Layer 3 interfaces. [See Firewall Filter Match Conditions and Actions (QFX5220).]
Support for Firewall Service and Interfaces Service JET APIs. [See Juniper Engineering Network website.]
Interfaces and chassis
Support for channelizing interfaces. The QFX5130-32CD contains a total of 34 ports, of which 32 are QSFP/QSFP28 ports and two are 10G SFP+ ports. The switch supports native 400-, or 100-, or 40-Gigabit Ethernet configuration. You can channelize the 400-Gbps QSFP/QSFP28 ports into:
Four 100Gbe ports
Four 25Gbe ports
Four 10Gbe ports
Support for GRE tunneling. Tunneling provides a private, secure path for transporting packets through an otherwise public network by encapsulating packets inside a transport protocol known as an IP encapsulation protocol. GRE is an IP encapsulation protocol that is used to transport packets over a network. Information is sent from one network to the other through a GRE tunnel. GRE tunneling is accomplished through routable tunnel endpoints that operate on top of existing physical and other logical endpoints. GRE tunnels connect one endpoint to another and provide a clear data path between the endpoints.
Filter-based GRE encapsulation and decapsulation is not supported on QFX5130-32CD switches. [See Generic Routing Encapsulation.]
Support for the dedicated virtual routing and forwarding (VRF) instance mgmt_junos for the management Ethernet interface. Virtual routing Instance of type VRF and Virtual-router. [See Management Interface in a Nondefault Instance and management-instance.]
Support for link aggregation groups (LAGs).
Layer 3 logical interfaces. [See Layer 3 Logical Interfaces.]
JET APIs
New IDL files that adhere to standardized guidelines. API files are to be made consistent with each other. Support of this feature is restricted to FE, GE, XE, and AE interfaces. Only the following functionality is included: Add, Delete, Modify, and GET for supported interface objects. There is also a Unit Permissions Get API, which is used to get the following information on an already created logical interface: was the logical interface was configured using APIs or CLI and, if it was configured using APIs, which client created the logical interface. [See Juniper Engineering Network website.]
Junos OS XML API and scripting
XSLT, SLAX, and Python scripts (which can trigger CLI operations).
Junos telemetry interface (JTI)
Support for Junos Telemetry Interface (JTI). OpenConfig support through gRPC and JTI is available for the following telemetry sensors:
Sensor for Routing Engine internal interfaces (physical interface state and statistics)
Sensor for Routing Engine internal Logical interfaces (logical interface state and statistics)
Sensor for power supply module (PSM) FRU model number and fan trays
Sensor for hardware and chassis
Sensor for FEBs, FPCs, and PICs
To provision the sensor to export data through gRPCstreaming, use the telemetry Subscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the Open Config and Network Agent packages. [See Configuring a JunosTelemetry Interface Sensor (CLI Procedure).]
Layer 2 features
Support for Layer 2 bridging and forwarding. The QFX5130-32CD also supports Layer 2 control protocols (xSTP, LACP, and LLDP), including support for IRB.
Layer 3 features
Support for L3 unicast forwarding features. The following Layer 3 unicast features on the QFX5130-32CD:
IPv4 BGP
IPv4 MBGP
BGP 4 byte ASN support
BGP ADD Path (supporting 128 paths)
BGP Add Path community based selection
IS-IS
BFD (OSPF, ISIS, BGP)
Virtual router (VRF-lite) - ISIS, OSPF, BGP
IPv4 over GRE
IPv6 neighbor discovery protocol
Path MTU discovery
IPv6 ping
IPv4 and IPv6 static routing
IPv6 stateless auto configuration
IPv6 OSPFv3
IPv6 IS-IS
IPv6 multi-protocol BGP
128 Way ECMP
Graceful Restart (BGP, ISIS, OSPF)
BGP-LS
Network management and monitoring
Analyzers and port mirroring enable you to mirror a copy of a packet to a configured destination and are supported on Layer 2 and Layer 3 interfaces. Features include:
Native analyzer
Local port mirroring
Remote port mirroring
Remote port mirroring to an IP address (with GRE encapsulation)
Port mirroring with firewall filter action port-mirror
sFlow support. sFlow is a monitoring technology for high-speed switched or routed networks.An sFlow monitoring system consists of an sFlow agent embedded in the router and a monitoring station called a collector. sFlow randomly samples network packets and sends the samples as UDP datagrams to the IP address and UDP destination port of the collector. [See Overview of sFlow Technology.]
Support for NETCONF XML management protocol. NETCONF is an XML-based protocol that client applications use to request and change configuration information on routing, switching, and security devices. [See NETCONF XML Management Protocol and Junos XML API Overview.]
Management features supported:
Chef and Puppet provided as third-party applications, as part of the Junos OS Evolved image. [See Chef for Junos OS Getting Started Guide.]
JET APIs (only management and rpd API sand gRPC client request-response—notThrift—are supported)
YANG modeling
Support for Standard MIBs. For information about Standard MIB objects, see the SNMP MIB Explorer. [See SNMP MIB Explorer.]
Routing protocols
Bidirectional forwarding detection (BFD) support for BGP, IS-IS, and OSPF/OSPFv3. [See Example: Configuring BFD for BGP and Example: Configuring BFD for IS-IS.]
Support for BGP Monitoring Protocol (BMP) Version 3 and IPv6 BGP standards. You can configure BMP, which sends BGP route information from the switch to a monitoring application, or station, on a separate device. [See Understanding the BGP Monitoring Protocol and Supported IPv6 Standards.]
Neighbor discovery protocol (NDP) proxy support. NDP functionality enables packet forwarding among the hosts that are in the same subnet and are restricted from communicating directly with each other. [See IPv6 Neighbor Discovery User Guide.]
Unified Forwarding Table (UFT). [See Understanding the Unified Forwarding Table.]
Support for VRF and virtual-router instances. [See Understanding Multicast Route Leaking for VRF and Virtual-Router Instances.]
Static routing. [See Protocol-Independent Routing Properties User Guide.]
Software installation and upgrade
Secure boot support. The secure boot implementation is based on the UEFI2.4 standard. The BIOS has been hardened and serves as a core root of trust. The BIOS updates, the bootloader, and the kernel are cryptographically protected and thus safeguarded from tampering or modification. Secure boot is enabled by default on supported platforms. [See Software Installation and Upgrade Guide.]
Support for ZTP using WAN interfaces. [See Zero Touch Provisioning.]
To view the hardware compatibility matrix for optical interfaces and transceivers supported on the QFX5130-32CD, see the Hardware Compatibility Tool.
Junos OS XML API and Scripting
Routing instance support in Python 3 applications (PTX Series and QFX Series)—Starting in Release 20.3R1, devices running Junos OS Evolved support specifying the routing instance used by a process or socket in Python 3 applications that are executed from the Linux shell. Python 3 applications can import the
libpyvrfmodule and use the module’s functions to set the Linux VRF corresponding to the Junos OS routing instance for a specific context.[See How to Specify the Routing Instance in Python 3 Applications on Devices Running Junos OS Evolved.]
Junos Telemetry Interface
ARP and NDP table state, ON_CHANGE support for JTI (QFX5220 switches)—Junos OS Evolved Release 20.3R1 supports ON_CHANGE export of Address Resolution Protocol (ARP) and Neighbor Discovery Protocol (NDP) table states to an outside collector using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. ARP and NDP periodic streaming and ON_CHANGE support is already available in Junos OS Evolved. This feature adds interface address (IPv4, IPv6) telemetry data.
The supported resource paths (sensors) are:
/interfaces/interface/subinterfaces/subinterface/ipv4/neighbors/neighbor/state/supporting leafs ip, link-layer-address. origin,/interfaces/interface/subinterfaces/subinterface/ipv6/neighbors/neighbor/state/supporting leafs ip, ink-layer-address. origin, is-router, neighbor-state, and is-publish./interfaces/interface/subinterfaces/subinterface/ipv4/addresses/address/state/supporting leafs ip, prefix-length, and origin./interfaces/interface/subinterfaces/subinterface/ipv4/addresses/address/state/supporting leafs ip, prefix-length, and origin./interfaces/interface/subinterfaces/subinterface/ipv4/unnumbered/state/supporting leafs enabled, interface-ref/state/interface, interface-ref/state/subinterface,/interfaces/interface/subinterfaces/subinterface/ipv4/state/supporting leafs enabled and mtu./interfaces/interface/subinterfaces/subinterface/ipv6/addresses/address/state/supporting leafs ip, prefix-length, origin, and status./interfaces/interface/subinterfaces/subinterface/ipv6/unnumbered/state/enabled./interfaces/interface/subinterfaces/subinterface/ipv4/unnumbered/state/supporting leafs enabled, interface-ref/state/interface, interface-ref/state/subinterface,/interfaces/interface/subinterfaces/subinterface/ipv6/unnumbered/interface-ref/state/interface/subinterface/./interfaces/interface/subinterfaces/subinterface/ipv6/state/supporting leafs enabled and mtu.
[See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface.]
Routing Protocols
Support for Unified Forwarding table and Layer 3 sub-interface (QFX5130-32CD)—Starting with Junos OS Evolved Release 20.3R1, the following Unified Forwarding table and Layer 3 sub-interface features are supported:
Unified Forwarding Table— Unified Forwarding Table stores both Layer 2 and Layer 3 entries that allow you to set default sizes for different entries. The following applications share Unified Forwarding Table search banks:
Layer 2 MAC addresses
IPv4 and IPv6 host routes
Layer 2 and Layer 3 multicast routes
IPv4 and IPv6 LPM or prefix entries that are supported in Unified Forwarding Table through Algorithmic Longest Prefix Match (ALPM)
The following Unified Forwarding Table Profiles are supported:
Profile
Layer 2 MAC
Layer 3 Host Unicast
Layer 3 Host Mulitcast
IPv4 and IPv6 LPM
lpm-profile
32,000
32,000
16,000
IPv4 720,000 and IPv6 550,000
host-profile
160,000
160,000
32,000
IPv4 65,000 and IPv6 50,000
host-acl-profile
160,000
160,000
32,000
IPv4 65,000 and IPv6 22,000
default-profile (same as lpm-profile)
32,000
32,000
16,000
IPv4 720,000 and IPv6 550,000
Note The evo-pfemand Packet Forwarding Engine application restarts when one of the Unified Forwarding Table profile is configured. The default profile is active when no configuration is added. The configuration guidelines to delete the routes or MACs before changing the Unified Forwarding Table configuration, might not install all the entries from the previous Unified Forwarding Table profile due to the table size.
Layer 3 sub-interfaces— You can configure Layer 3 sub-interfaces to route traffic between the VLANs. The following interfaces scales are supported:
Layer 2 VLANs or IRB interfaces: 1 to 4095
Layer 3 sub-interfaces VLAN-token: 1 to 4095
Note The maximum VLAN scale is 4095 due to which the interfaces and VLANs share the same token space.
Software Licensing
Juniper Agile Licensing (QFX5220-32CD, QFX5220-128C, PTX10003-80C, and PTX10003-160C) —Starting in Junos OS Evolved Release 20.3R1, we’re moving toward license-based software features. We now use Juniper Agile Licensing to support soft enforcement for software features on the listed devices.
Juniper Agile Licensing provides simplified and centralized license administration and deployment. You can install and manage licenses for hardware and software features using Juniper Agile Licensing.
From this release onwards, you can now opt to use the Juniper Agile License Manager to significantly improve the ease of license management for an entire network of supported devices.
If you are upgrading to this release, you need new license keys to use the features on the listed devices. Contact Customer Care to exchange license keys for Junos OS releases earlier than Junos OS Evolved Release 20.3R1.
Table 7 describes the licensing support on the QFX5220-32CD and QFX5220-128C devices.
Table 7: Licensed Features on the QFX5220-32CD and QFX5220-128C
QFX Switch License Model
Detailed Features
Standard license for integrated SKUs (standard hardware and software platform)
Filters (Layer 2 and Layer 3), Layer 2 (xSTP, 802.1Q, LAG), Layer 3 (static), QoS (Layer 2 and Layer 3), and SNMP
Advanced license for integrated and advanced SKUs
Advanced 1: BGP, FBF, GRE, IS-IS, JTI, MC-LAG, OSPF, sFlow, VRF, and VRRP
Advanced 2: Includes Advanced 1 features + CFM, Layer 2 and Layer 3 multicast, OAM, Packet Timestamping, PTP, and Q-in-Q
Premium license for integrated and premium SKUs
Includes Advanced 2 features + EVPN-MPLS, MPLS, Layer 2 circuit, Layer 3 VPN, LDP, RSVP, segment routing, and SR-TE
Table 5 describes the licensing support for the PTX10003-80C and PTX10003-160C devices.
Table 8: Licensed Features on the PTX10003-80C and PTX10003-160C
License Model
Detailed Features for Fabric Management
Scale
Security License
Standard
Filters (Layer 2 and Layer 3), Layer 2 (xSTP, 802.1Q, LAG), Layer 3 (static), quality of service or QoS (Layer 2 and Layer 3), and SNMP
64K FIB
K stands for 1000.
The PTX10003 router supports the MACsec feature, but you must purchase a license separately to use the feature.
Advanced
Advanced 1
BGP, FBF, GRE, IS-IS, Junos telemetry interface (JTI), OSPF, sFlow, VRF, and VRRP
256K FIB, 3M RIB, and 1K VR
M stands for million.
Advanced 2
Advanced 1 features, CFM, EVPN-VXLAN, Multicast, OAM, PTP, and Q-in-Q
256K FIB, 3M RIB, and 1K VRs/VRF (VXLAN)
Premium
Premium 1
Advanced 2 features, EVPN-MPLS, IPFIX, Layer 2 circuit, Layer 3 VPN, LDP, RSVP, SR, and SR-TE
2M FIB, 6M RIB, 1K VRs/VRF (VXLAN), 32 VRF (MPLS Layer 3 VPN), and 32K LSP
Premium 2
Premium 1 features and fine-grained QoS
2M to 4M FIB, 60M to 80M RIB, 1K+ VRs/VRF (VXLAN), 32+ VRF (MPLS Layer 3 VPN), and 32K+ LSP
* Scaling is based on the device capacity.
[See Supported Features on QFX5220-32CD and QFX5220-128C device, Supported Features on PTX10003-80C and PTX10003-160C device, Juniper Agile Licensing Guide, and Configuring Licenses in Junos OS.]
What's Changed
Learn about what changed in Junos OS Evolved Release 20.3R1 for the QFX5130-32CD and QFX5220.
Junos OS XML API and Scripting
Changes to Junos XML RPC request tag names (PTX Series, QFX Series)—We've updated the Junos XML request tag name for some operational RPCs to ensure consistency across the Junos XML API. Devices running Junos OS still accept the old request tag names, but we recommend that you use the new names going forward. The changes include::
Most, but not all, request tag names that start with
showreplaceshowwithgetin the name.Uppercase characters are converted to lowercase.
Layer 2 Features
Advertising /32 secondary loopback addresses to Traffic Engineering Database (TED) as prefixes (PTX Series, QFX Series)—We've made changes to export multiple loopback addresses into lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router-ids instead of prefixes. In earlier releases, multiple secondary loopback addresses in TED were added into lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router-id.
Known Limitations
Learn about limitations in this release for the QFX5130-32CD and QFX5220. For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.
Network Security
Configuring an egress ACL with 1000 terms and attaching the ACL to more than one interface results in exhaustion of the TCAM space. The user can attach an egress RACL to multiple interfaces as long as the numbers of terms and the number of interface attached remains with the max TCAM scale supported (1000). PR1536550
Routing Protocols
Few OSPF sessions are not established with 500,000 routes across 10 neighbors. PR1536115
Software Licensing
When you upgrade to Junos OS Evolved 20.3R1 Release, the earlier license keys do not persist on QFX5220-32CD, QFX5220-128C, PTX10003-80C, and PTX10003-160C devices. As a workaround, you must reinstall the license keys.
[See Configuring Licenses in Junos OS using Network Licensing Mode.]
System Management
Fragmentation does not happen for IPv4 packets on transit Junos OS Evolved based devices when the outgoing MTU is less than the packet size. The packet is dropped. PR1429634
Due to a hardware limitation, ICMP type and ICMP code matches are not supported for egress ACLs. The complete filter does not work even if a single term has an ICMP type or ICMP code match. PR1503168
In QFX5130-32CD, packet-length match configured in any firewall terms do not work. PR1514578
In QFX5130-32CD, the dscp action configured in firewall filter does not work and does not rewrite the dscp bits. PR1514580
In QFX5130-32CD, when a policer is configured as an action for a loopback filter, it does not take effect. PR1514601
On the QFX5130 platform, the source MAC address of the IPv6 neighbour advertisement packet is not learnt and populated in the MAC-address-table. This issue is seen only when the Layer 3 gateway node is configured with IRB and the host is connected through an intermediate Layer 2 switch. This does not impact or prevent the packet forwarding for the affected hosts. The MAC address of the host is learnt by the gateway node when the actual traffic from the host reaches the gateway node. PR1524966
Ingress policer scale is limited to 128 due to known issue in the Junos OS Evolved Release 20.3R1.PR1525525
On the QFX 5130-32CD platform, the port status LED remains off for a channelized interface, when one of the channel in the channelized port is down or when disabled. The port LED lits only when all the channels part of the port are up. PR1526532
User Interface and Configuration
For large YANG files, augmentation might not work. PR1416972
Open Issues
Learn about open issues in this release for the QFX5130-32CD and QFX5220. For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.
Interfaces and Chassis
The aggregate member links field in the show interfaces extensive command output for an aggregated Ethernet interfaces does not reflect number of member-link in the aggregated Ethernet bundle when the aggregated Ethernet interface is configured with multiple logical interfaces. PR1517841
Routing Protocols
The virtual-router option is not supported under a routing-instance in a lean rpd image. PR1494029
System Management
When a link goes up or down, Tx/Rx loss of signal alarm from diagnostics optics might take a long time (around 10 minutes) to show up. PR1499741
When changing a physical interface from a VLAN ID list to multiple single VLAN IDs or VLAN ID lists that fall within the original VLAN range, we might see one or more of the new physical interfaces not notified. For example, in the current commit we have the following configuration: set interfaces ae100 unit 1 vlan-id-list 1-100. In the next commit, if we run the set interfaces ae100 unit 1 vlan-id 1 set interfaces ae100 unit 2 vlan-id 2 command, we might see that one of the two physical interfaces is not notified. PR1504374
On the QFX5130-32CD platform running Junos OS Evolved, the user shall not be able to clear or reset the disk option specified in the scheduled request node reboot command. The node will reboot with the disk option last specified. PR1517596
On the QFX5130-32CD platform, when the management port speed is configured to 100Mbps, the port's status LED does not light up. However, the port forwards traffic normally. PR1521510
On the QFX5130-32CD platform running Junos OS Evolved, when user tries to change change the port speed of the member links which are part of an already configured aggregated Ethernet bundle, the member link may remain unattached to the aggregated Ethernet after changing the port speed. PR1526221
On the QFX5130-32CD platform, the ERSPAN status continues to show status as "Up" even when the destination IP address is unreachable. PR1527505
Relearning of MACs post flush with running traffic takes 30-35 minutes. PR1528511
On the QFX5130-32CD platform, the CLI option to configure a range of VLANs as the input for the analyzer is not supported in this release.PR1529419
fsck gets automatically run but is not guaranteed to recover disk corruption after an abrupt power cycle. Secondary disk or partition and snapshot functionality is available to help recover from such issues. PR1533232
The maximum power consumption for FPC is not exported in the JTI sensor for the FPC due to a know issue on the QFX5130 platform. The same can be viewed using the CLI command show chassis fpc detail. PR1533630
When port mirror is configured for an interface and its MTU is changed, it results in an evo-aftmand core that brings down the node. PR1538626
Commit error is seen even when gre and underlying interfaces are configured in same routing instances. PR1541833
Resolved Issues
Learn which issues were resolved in Junos OS Evolved Release 20.3R1 for the QFX5130-32CD and QFX5220.
For the most complete and latest information about known Junos OS Evolved defects, use the Juniper online Junos Problem Report Search application.
Infrastructure
fibd generates core files that can be seen after commit when the VLAN ID of a VLAN is changed. PR1497790
System Management
cmdd crashes when the request system shutdown reboot disk1 command is exceuted. PR1492955
The interface is not part of a member VLAN when configured. PR1495207
QFX5220-32CD and QFX5220-128C: evo-pfemand core file is seen if the loopback filter is applied with input-list and after switch is rebooted. PR1497909
QFX5220 does not support the following matches, which were supported on QFX5200: first-fragment, tcp-established, Is-fragment, and Hop-limit. PR1499009
SFP+-40G-CU1M's media type appears as fiber. PR1499408
The evo-aftmand process might be stuck at 100% CPU usage in a scaled setup. PR1511597
QFX5130-32CD: In LPM and default UFT profile, MACS are learnt more than 32,000 in Routing Engine. PR1528508
CoSd might crash when multiple configuration changes are made in a single commit. PR1536320