Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Evolved Release Notes for PTX10003 and PTX10008 Devices

 

These release notes accompany Junos OS Evolved Release 20.3R1 for PTX10003 and PTX10008 (with the JNP10008-SF3 SIB) Packet Transport Routers. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

What's New

Learn about new features introduced in Junos OS Evolved Release 20.3R1 for the PTX10003 and PTX10008.

Hardware

  • We've added the following features to the PTX10008 for JNP10008-SF3 fabric in Junos OS Evolved Release 20.3R1.

    Table 1: Features Supported by the PTX10008

    Feature

    Description

    Hardware

    • This release introduces a limited encryption version Routing Engine, the JNP10K-RE1-ELT. This Routing Engine supports 400-Tbps line cards and JNP10008-SF3 switch fabric. The Routing Engine runs a Junos OS Evolved limited image that does not support data plane encryption and is intended only for the countries of the Eurasian Customs Union (EACU). [See PTX10008 Routing and Control Boards Components and Descriptions.]

    • Two new configuration models, and PTX10008-PREM2, are now available for sites that do not require a fully-populated chassis. These configurations allow the PTX10008 to operate with fewer Switch Interface Boards (SIBs). The configurations consist of:

      • PTX10008-BASE3—One routing engines, two fan trays, two fan tray controllers, six JNP10K-PWR-AC2 or JNP10K-PWR-DC2 power supplies, three SIBs, three SIB covers, and eight line-card slot covers.

      • PTX10008-PREM2—Two routing engines, two fan trays, two fan tray controllers, six JNP10K-PWR-AC2 or JNP10K-PWR-DC2 power supplies, four SIBs, two SIB covers, and eight line-card slot covers.

      [See PTX10008 Configurations and Upgrade Options.]

    High availability (HA) and resiliency

    • Platform resiliency enables the router to handle failures and faults related to the hardware components such as line cards, switch fabric, control boards, fan trays, fan tray controllers, and power supply units. Fault handling includes detecting and logging the error, raising alarms, sending SNMP traps, providing indication about the error through LEDs, self-healing, and taking components out of service. [See show system errors active.]

    • Support for VRRP. The following features are not supported for VRRP on Junos OS Evolved:

      • ISSU

      • Proxy ARP

      • MC-LAG

      • Distribution support on aggregated Ethernet interface (ae)

      • IRB

      • Inline delegation

      VRRP sessions might flap during GRES in centralized mode. [See Understanding VRRP.]

    Interfaces and chassis

    • Support to upgrade the optic drivers on the PTX10K-LC1201 line card without a full Junos OS Evolved upgrade. You can upgrade the optics drivers by running the request system software add package_name command. [See Hardware Supported by Junos Continuity Software.]

    • Unicast RPF support for both IPv4 and IPv6 traffic flows. [See Example: Configuring Unicast Reverse-Path-Forwarding Check.]

    • Support for configuring GRE tunnel encapsulation on FTIs using the loopback interface. You can configure encapsulation by using the command tunnel encapsulation gre source address destination address at the [edit interfaces fti0 unit unit ] hierarchy.

      Keep in mind the following when configuring this feature:

      • Adding tunnel-termination makes the tunnel decap-only tunnel and encapsulation will be disabled.

      • Both the source and destination address is mandatory when you don’t configure the tunnel-termination command.

      • Configuring a variable prefix mask on the source address isn’t allowed.

      [See Tunnel and Encryption Services Interfaces User Guide for Routing Devices.]

    • Native VLAN ID on Layer 3 interfaces enables the logical interface whose VLAN ID matches the native VLAN ID configured for that interface to accept untagged packets as well as tagged packets. The same logical interface with native VLAN ID enabled ensures that any packet going out of that interface does not have a tag attached. Packets can be outbound control packets or transit data packets. [See native-vlan-id.]

    • Support for the discard interface. [See Discard Interfaces.]

    • Support for the following transceivers:

      • QSFP-100G-FR—These transceivers interoperate with the QDD-4X100G breakout optics. For example, the QDD-4X100G-FR interconnects with up to four QSFP-100G-FR transceivers. The QSFP-100G-FR transceivers interconnect in single links (QSFP-100G-FR to QSFP-100G-FR or to QSFP-100G-DR) and interoperate at the shortest link length.

      • QSFP-100G-DR—These transceivers interoperate with 400-Gbps breakout optics. For example, the QDD-400G-DR4 interconnects with up to four QSFP-100G-DR transceivers. The QSFP-100G-DR transceivers interconnect in single links (QSFP-100G-DR to QSFP-100G-DR or to QSFP-100G-FR) and interoperate at the shortest link length.

      • QSFP-100G-LR—These transceivers interoperate with the QDD-4X100G breakout optics. For example, the QDD-4X100G-FR interconnects with up to four QSFP-100G-LR transceivers. The QSFP-100G-LR transceivers interconnect in single links (QSFP-100G-LR to QSFP-100G-LR or to QSFP-100G-FR) and interoperate at the shortest link length.

      Note: These transceivers are not compatible with earlier-generation 100-Gbps transceivers (for example, QSFP-100G-CWDM4 and QSFP-100G-LR4).

      [See the Hardware Compatibility Tool (HCT) for details.]

    • Support for adaptive load balancing (ALB) on multiple Packet Forwarding Engines for aggregated Ethernet bundles.

      Note: With ALB configured, the show interfaces ae0 extensive command displays adaptive statistics information under the physical interface, not the logical interface.

      [See Load Balancing on Aggregated Ethernet Interfaces.]

    • Aggregated Ethernet interfaces support mixed rates and mixed modes. The aggregated Ethernet supports member links of different modes (WAN and LAN) for 10GbEt links and member links of different rates for WAN and LAN aggregated Ethernet bundles. [See Configuration Guidelines for Aggregated Ethernet Interfaces.]

    Junos telemetry interface (JTI)

    • Support for export of physical interface queue statistics to an outside collector using UDP (native) streaming, remote procedure call (gRPC) services, or gRPC network management interface (gNMI) services.

      To export statistics through UDP, gRPC, or gNMI, use the sensor /junos/system/linecard/interface/queue/.

      Each physical interface has 8 queues. The following counters are exported as part of this sensor for all configured physical interfaces:

      • Transmitted packets and transmitted bytes

      • Red drop packets and bytes

      • Tail drop packets and bytes

      This feature includes zero suppression support. It does not include support for summed up counters on aggregated Ethernet (ae) interfaces.

      [See sensor (Junos Telemetry Interface) and Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface.]

    • Supports ON_CHANGE export of ARP and NDP table states to an outside collector using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Junos OS Evolved already supports ARP and NDP periodic streaming and ON_CHANGE. This feature adds interface address (IPv4, IPv6) telemetry data.

      The supported resource paths (sensors) are:

      • /interfaces/interface/subinterfaces/subinterface/ipv4/neighbors/neighbor/state/ supporting leafs ip, link-layer-address, and origin

      • /interfaces/interface/subinterfaces/subinterface/ipv6/neighbors/neighbor/state/ supporting leafs ip, ink-layer-address, origin, is-router, neighbor-state, and is-publish

      • /interfaces/interface/subinterfaces/subinterface/ipv4/addresses/address/state/ supporting leafs ip, prefix-length, and origin

      • /interfaces/interface/subinterfaces/subinterface/ipv4/addresses/address/state/ supporting leafs ip, prefix-length, and origin

      • /interfaces/interface/subinterfaces/subinterface/ipv4/unnumbered/state/ supporting leafs enabled, interface-ref/state/interface, and interface-ref/state/subinterface

      • /interfaces/interface/subinterfaces/subinterface/ipv4/state/ supporting leafs enabled and mtu

      • /interfaces/interface/subinterfaces/subinterface/ipv6/addresses/address/state/ supporting leafs ip, prefix-length, origin, and status

      • /interfaces/interface/subinterfaces/subinterface/ipv6/unnumbered/state/enabled

      • /interfaces/interface/subinterfaces/subinterface/ipv4/unnumbered/state/ supporting leafs enabled, interface-ref/state/interface, and interface-ref/state/subinterface

      • /interfaces/interface/subinterfaces/subinterface/ipv6/unnumbered/interface-ref/state/interface/subinterface/

      • /interfaces/interface/subinterfaces/subinterface/ipv6/state/ supporting leafs enabled and mtu

      [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface.]

    • This release supports export of Source Packet Routing in Networking (SPRING) statistics to an outside collector using remote procedure call (gRPC) services.

      This feature provides the per-segment identifier (SID) level and interface level traffic counts for SPRING traffic. These statistics reflect the SPRING LSP utilization in the TED, which aids to correctly re-route the RSVP LSPs.

      To enable SPRING statistics include the following statements on the client device:

      • For egress (per-interface egress) use the set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link egress at the [edit] hierarchy level.

      • For egress (per-SID egress) use the set protocols isis source-packet-routing sensor-based-stats per-sid egress at the [edit] hierarchy level.

      • For ingress (per-SID ingress) use the set protocols isis source-packet-routing sensor-based-stats per-sid ingress statement at the [edit] hierarchy level.

      Use the following sensors to export statistics by means of gRPC services to an outside collector:

      • /junos/services/segment-routing/interface/egress/usage/ for egress (per-interface egress) aggregate SPRING traffic.

      • /junos/services/segment-routing/sid/usage/ for egress (per-SID egress) and ingress (per-SID ingress) aggregate SPRING traffic.

      [See source-packet-routing and Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface.]

    Multicast

    • IPv4 and IPv6 multicast support including MSDP. This release also includes support for PIM-SM as the first-hop router (FHR) or last-hop router (LHR), and anycast, static, or local rendezvous point (RP).

    Network management and monitoring

    • Remote port mirroring with ToS or DSCP settings enables you to send sampled copies of incoming packets to remotely connected network management software. You send the packets through GRE encapsulation, which is supported by FTIs. You can set ToS and DSCP values to provide necessary priorities in the network for these packets. You can also apply policing to sampled packets that are leaving the FTI. Configure the settings you need in the [edit forwarding-options port-mirroring instance instance-name output] hierarchy. [See instance (Port Mirroring).]

    Port security

    Routing policy and firewall filters

    Routing protocols

    Services applications

    Software installation and upgrade

    • Incompatible database support for upgrade prepare notifications and multinode software life-cycle management. [See request system software add.]

    • Support for Junos OS Evolved limited image. The Junos OS Evolved limited image does not support data plane encryption and is intended only for the countries of the EACU. [See Junos OS Installation Package Names.]

    • All models of the QFX10008 are now eligible for upgrade to PTX10008 Packet Transport Router models. Upgrade kits can be ordered to convert QFX10008 models to PTX10008-BASE3, PTX10008-PREM2, or PTX10008-PREM3. [See QFX10008 Configurations and Upgrades.]

    • All models of the MX10008 are now eligible for upgrade to PTX10008 Packet Transport Router models. Upgrade kits can be ordered to convert MX10008 models to PTX10008-BASE3, PTX10008-PREM2, or PTX10008-PREM3. [See MX10008 Components and Configurations.]

    • Support for ZTP on WAN interfaces. [See Zero Touch Provisioning Overview.]

    • ZTP supports the DHCPv6 client. [See Zero Touch Provisioning Overview.]

  • Support for QSFP-100G-FR, QSFP-100G-DR, and QSFP-100G-LR transceivers (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, we provide support for these transceivers:

    • QSFP-100G-FR—These transceivers interoperate with the QDD-4X100G breakout optics. For example, the QDD-4X100G-FR interconnects with up to four QSFP-100G-FR transceivers. The QSFP-100G-FR transceivers interconnect in single links (QSFP-100G-FR to QSFP-100G-FR or to QSFP-100G-DR) and interoperate at the shortest link length.

    • QSFP-100G-DR—These transceivers interoperate with 400-Gbps breakout optics. For example, the QDD-400G-DR4 interconnects with up to four QSFP-100G-DR transceivers. The QSFP-100G-DR transceivers interconnect in single links (QSFP-100G-DR to QSFP-100G-DR or to QSFP-100G-FR) and interoperate at the shortest link length.

    • QSFP-100G-LR—These transceivers interoperate with the QDD-4X100G breakout optics. For example, the QDD-4X100G-FR interconnects with up to four QSFP-100G-LR transceivers. The QSFP-100G-LR transceivers interconnect in single links (QSFP-100G-LR to QSFP-100G-LR or to QSFP-100G-FR) and interoperate at the shortest link length.

    Note

    These transceivers are not compatible with earlier-generation 100-Gbps transceivers (for example, QSFP-100G-CWDM4 and QSFP-100G-LR4).

    [See the Hardware Compatibility Tool (HCT) for details.]

Authentication, Authorization, and Accounting

  • Support for remote TACACS+ authorization for locally authenticated users (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, you can configure remote authorization on the TACACS+ server for locally authenticated users by using their locally configured parameters.

    [See password-options.]

Interfaces and Chassis

  • Support for bringing line cards online parallelly (PTX10008)—The PTX10008 with Junos OS Evolved Release 20.3R1 or later brings the line cards online parallelly (independent of each other), not sequentially. This change eliminates the dependency of a line card on a higher priority line card to come online. However, the router allocates power to the line cards based on the priority configured in the system. The parallel bring-up behavior does not have a visible effect when there is sufficient power in the system. But when the system power capacity is degraded because of some reason, the system takes down the lowest priority line cards to power up the highest priority line cards. If the system is booting up with insufficient power, power is allocated only to the high-priority line cards.

    [See fru-poweron-sequence.]

  • VLAN tag manipulation: pop, push, and swap (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, you can configure your VLAN circuit cross-connect (CCC) logical interface on a Layer 2 circuit to handle single-tag packets. You can also use the l2circuit-control-passthrough statement at the [edit forwarding-options] hierarchy level to enable passthrough of certain Ethertype/DMAC-matched frames over the Layer 2 circuit after successful VLAN tag manipulation on the VLAN CCC logical interface. The VLAN CCC logical interface can be on a single Ethernet interface or on an aggregated Ethernet interface.

    Note

    You cannot configure flexible-vlan-tagging or flexible-ethernet-services on PTX10003.

    [See Configuring an MPLS-Based VLAN CCC with Pop, Push, and Swap and Control Passthrough.]

  • Support for QSFP28 100GE DWDM transceivers (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, the PTX10003 router supports the QSFP28 100GE DWDM optical transceiver module (shown in the CLI as QSFP-100GE-DWDM2) for 100GbE applications. This transceiver is suited for data center interconnect, which requires high-fiber capacity for links up to 80 km.

    The Junos OS Evolved features supported by the QSFP28 100GE DWDM transceiver include the following:

Junos OS XML API and Scripting

  • Routing instance support in Python 3 applications (PTX Series and QFX Series)—Starting in Release 20.3R1, devices running Junos OS Evolved support specifying the routing instance used by a process or socket in Python 3 applications that are executed from the Linux shell. Python 3 applications can import the libpyvrf module and use the module’s functions to set the Linux VRF corresponding to the Junos OS routing instance for a specific context.

    [See How to Specify the Routing Instance in Python 3 Applications on Devices Running Junos OS Evolved.]

Junos Telemetry Interface

  • IS-IS sensor support for JTI (PTX10003 routers)—Starting in Junos OS Evolved Release 20.3R1, Junos telemetry interface (JTI) supports OpenConfig Version v0.3.3 (from v0.2.1) for resource paths related to IS-IS link-state database (LSDB) streaming. The difference between the two versions results in changes, additions, deletions, or non-support for leaf devices related to the following IS-IS type length value (TLV) parameters and IS-IS areas:

    • TLV 135: extended-ipv4-reachability

    • TLV 236: ipv6-reachability

    • TLV 22: extended-is-reachability

    • TLV 242: router-capabilities

    • IS-IS interface attributes

    • IS-IS adjacency attributes

    To stream data for the IS-IS routing protocol to an outside collector using remote procedure call (gRPC) services and Junos telemetry interface, include the following resource paths in a subscription:

    • /network-instances/network-instance[name_'instance-name']/protocols/protocol/isis/levels/level/

    • /network-instances/network-instance[name_'instance-name']/protocols/protocol/isis/interfaces/interface/levels/level/

    To stream or export ON-CHANGE data for IS-IS adjacency and link-state database (LSDB) statistics to an outside collector using remote procedure call (gRPC) services or gRPC Network Management Interface (gNMI) services and JTI, include the following resource paths in a subscription:

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/circuit-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interface/levels/level/packet-counters/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/system-level-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/levels/level/adjacencies/adjacency/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/subtlvs/subtlv/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/subtlvs/subtlv/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/adjacency-sid/sid/state/ (ON-CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/lan-adjacency-sid/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-interfaces-addresses/state/ (ON_CHANGE))

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-srlg/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-te-router-id/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-interfaces-addresses/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/router-capabilities/router-capability/subtlvs/subtlv/segment-routing-capability/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/state (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/area-address/state/address (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/nlpid/state/nlpid (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/lsp-buffer-size/state/size (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/hostname/state/hname (stream)

    [See Configuring a Junos Telemetry Interface Sensor (CLI Procedure) and Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • Support for BGP neighbor and MPLS sensors on JTI with gNMI (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, Junos telemetry interface (JTI) supports streaming BGP neighbors, label-switched path (LSP), and RSVP statistics to a remote collector. In prior releases, these statistics were supported on PTX10003 routers using remote procedure call (gRPC) services. This feature now adds support for streaming these statistics using gRPC network management interface (gNMI) services.

    To stream data, include the following resource paths in a subscription:

    • /network-instances/network-instance[name='instance-name']/mpls/

    • /network-instances/network-instance/protocols/protocol/bgp/

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • Physical interface queue statistics sensor support for JTI (PTX10003)—Junos OS Evolved Release 20.3R1 supports export of physical interface queue statistics to an outside collector using UDP (native) streaming, remote procedure call (gRPC) services, or gRPC network management interface (gNMI) services.

    To export statistics through UDP, gRPC, or gNMI, use the sensor /junos/system/linecard/interface/queue/.

    Each physical interface has 8 queues. The following counters are exported as part of this sensor for all configured physical interfaces:

    • Transmitted packets and transmitted bytes

    • Red drop packets and bytes

    • Tail drop packets and bytes

    This feature includes zero suppression support. It does not include support for summed up counters on aggregated ethernet (ae) interfaces.

    [See sensor (Junos Telemetry Interface) and Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface.]

Layer 2 Features

  • Proxy ARP (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, PTX10003, both restricted and unrestricted ARP are supported. With restricted ARP, the device responds to the ARP requests in which the physical networks of the source and target are not the same and the device has an active route to the target address in the ARP request. The device does not reply if the target address is on the same subnet and the same interface as the ARP requestor. With unrestricted ARP, the device responds to any ARP request, on the condition that the device has an active route to the destination address of the ARP request. The route is not limited to the incoming interface of the request, nor is it required to be a direct route.

    By default, proxy ARP is unrestricted, supported on et and ae interfaces, and supported on active routes.

    To enable unrestricted proxy ARP, enable the unrestricted statement at the [edit interfaces interface-name proxy-arp] CLI hierarchy.

    To enable restricted proxy ARP, enable the restricted statement at the [edit interfaces interface-name proxy-arp] CLI hierarchy.

    To enable default mode (unrestricted), enable the proxy-arp statement at the [edit interfaces interface-name] CLI hierarchy.

    [See Restricted and Unrestricted Proxy ARP Overview.]

Routing Policy and Firewall Filters

  • Filter-based GRE encapsulation and de-encapsulation and filter-based MPLS-in-UDP de-encapsulation (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, we’ve enabled the following encapsulation and de-encapsulation workflow:

    1. An incoming packet matches a filter term with an encapsulate action. The packet is encapsulated in an IP+GRE header and is forwarded to the endpoint’s destination.
    2. At the destination, the packet matches a filter term with a de-encapsulate action. The GRE header or MPLS-in-UDP header is stripped from the packet. The inner packet is routed to its destination.

    [See Components of Filter-Based Tunneling Across IPv4 Networks and tunnel-end-point .]

  • Support for unicast RPF strict mode and fail-filters (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, you can use unicast reverse path forwarding (RPF) strict mode, and fail filters, to prevent IP spoofing on IPv4 and IPv6 packet flows (unicast RPF loose mode is already supported).

    With unicast RPF enabled, the PTX 10003 forwards packets from a valid path to the destination address, and either discards packets from an invalid path or sends them on to the fail-filter for further processing. This can be an effective way to mitigate denial-of service (DoS) attacks. In strict mode, the router interface only accepts packets if the source address matches a route (default or learned) that is reachable through the interface.

    [See Understanding How Unicast RPF Prevents Spoofed IP Packet Forwarding.]

Routing Protocols

  • VRRP Support (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, PTX10003 routers support VRRP. The following features are not supported for VRRP on Junos OS Evolved: GRES, NSR, ISSU, ProxyArp, MC-LAG, IRB.

    [See Understanding VRRP]

  • Support for multiple MD5 for RIPv2 (PTX10008)—Starting in Junos OS Evolved Release 20.3R1, you can define multiple MD5 authentication keys for RIPv2. This feature supports adding of MD5 keys with their start-time. RIPv2 packets are transmitted with MD5 authentication using the first configured key. RIPv2 authentication switches to the next key based on its configured respective key start-time. This provides auto-key switching without user intervention to change the MD5 keys as in the case of having only one MD5 key.

    To enable multiple MD5 support for RIPv2, include the authentication-selective-md5 statement at the [edit protocols rip] hierarchy level.

  • Routing Protocol feature support (PTX10003)—We’ve added the following routing protocols features to the PTX10003 routers in Junos OS Release Evolved 20.3R1.

    Table 2: Routing Protocol Features Supported by the PTX10003

    Technology

    Supported Features

    BGP

    • BGP flowspec redirect to IP

    • BGP prefix-based outbound route filter (ORF)

    • BGP over IPv6

    • EBGP peering using link-local addresses (IPv6)

    • Regular expressions for BGP extended communities

    • BGP AS path lists

    • Option for link bandwidth in BGP multipath path selection

    • SNMP objects for BGP peer received prefix counters

    • BGP route target filtering

    • Label aggregation using BGP site of origin community attribute

    • Option to limit the number of active prefixes on BGP peering session

    • TCP MSS per BGP peer option

    • Timer-based solution to periodically advertise MED updates

    • Fast connectivity restoration using add-path

    • Router reflector with dynamic policies

    • End-to-end restoration: BGP convergence in case of multihoming

    • Software-defined networking (SDN): BGP monitoring protocol v3 compliance

    • Static route target-C entries

    • Software-defined networking (SDN): BGP-TE

    • End-to-end restoration: Tail end protection for BGP Labeled Unicast (BGP-LU)

    • End-to-end restoration: BGP-LU PE-CE link protection

    • End-to-end restoration: edge node-failure protection of BGP signaled pseudowires

    • BGP persistence

    • BGP graceful shutdown (RFC 6198)

    • BGP administrative shutdown communication (RFC 8203)

    • Advertise statically inactive route via BGP

    • End-to-end restoration: multihoming BGP

    • Entropy label support for BGP-LU

    • End-to-end restoration: BGP prefix-independent convergence in RSVP

    • Multiprotocol BGP over IPv6 (IPv4 over IPv6)

    • BGP prefix prioritization

    • BGP-LU FRR

    • BGP optimal route reflector with IS-IS

    • BGP-LU support to include a stack of labels

    • BGP flowspec

    • BGP optimal route reflector with OSPF

    • BGP add path support for community

    • Paths to resolve a BGP prefix when using another BGP prefix for penultimate next-hop resolution

    • BGP 64-way add-path

    • BGP multipath

    • Enable BGP multipath configuration in global hierarchy

    • AS number count

    • BGP add-path support for VPN

    • BGP peer

    • BGP link bandwidth community aggregation

    • BGP LU (top label) statistics

    • BGP add path support for eBGP

    • Import IGP topology into BGP-LS

    • Performance enhancement for BGP reconfiguration

    • BGP remote next hop support for single-hop EBGP peers

    • Enterprise-specific BGP trap support for BGP clients with IPv6 address

    • Advertising multiple paths in BGP (upto 20 BGP add-paths for prefixes)

    • EBGP route server functionality

    • BGP route API support for EBGP

    • Add-path or multipath optimization to improve RIB learning rate

    [See BGP User Guide.]

    Bidirectional Forwarding Detection (BFD)

    • Static routes and MPLS PE to CE links

    • MPLS LSPs

    • PE-PE with ECMP awareness

    • PPMD and single-hop BFD to Packet Forwarding Engine

    • MIB

    • IPv6 static route

    • OSPFv3

    • Distributed BFD over aggregated interface

    • BFD-triggered fast reroute

    • Distributed BFD for BGP multihop

    • BFD over child links of aggregated Ethernet interface (ae) or LAG bundle

    • Control plane scaling

    • Support for IS-IS IPv6

    • Dampening for OSPF

    [See High Availability Feature Guide.]

    Infrastructure

    • 64-bit RPD support

    • End-to-end restoration: host fast reroute (HFRR)

    Interior Gateway Protocol (IGP)

    • Prefix limit of imported external routes

    • Shared Risk Link Group (SRLG) support

    • IS-IS prioritized route installation in FIB

    • Policy-based support for loop-free alternate (LFA) in IS-IS and OSPF

    • IS-IS flooding group

    • Remote LFA (rLFA) support in OSPF

    • OSPFv3 for IPv6

    IPv6

    • BGP flowspec for IPv6

    [See Multiprotocol BGP.]

    IS-IS

    • Option to turn off IS-IS hello and/or SNP authentication

    • Route tagging

    • IPv6 multitopology extensions

    • LFAs

    • MIB according to RFC4444

    • Per-prefix LFA

    • FRR route convergence

    • Link down microloop avoidance

    • Option to overload stub networks through IS-IS overload

    • IGP shortcut selection by protocol for weighted equal-cost multipath (WECMP)

    [See IS-IS User Guide.]

    Layer 2 Circuit

    • LSP ping for Layer 2 VPN and Layer 2 circuits

    • Null control word processing for Layer 2 frames over MPLS

    • Traffic engineering of Layer 2 circuits over multiple LSPs

    [See Layer 2 VPNs and VPLS User Guide for Routing Devices.]

    Layer 2 VPN

    • End-to-end restoration: Layer 2 VPN service mirroring

    • Inet and inet6 family support on PS (cross-functional)

    • FEC 129 multisegment pseudowire

    • FAT pseudowire support for BGP L2VPN and VPLS

    • Chained composite next hop for L2CKT and L2VPN

    • MPLS converged services: stitching of pseudowire segments (multisegment pseudowires with BGP-L2VPN)

    [See Layer 2 VPNs and VPLS User Guide for Routing Devices.]

    Layer 3 VPN

    • OSPF sham links for MPLS VPNs

    • MIBs for RFC 2547 VPNs

    • Loopback interfaces for each VRF

    • Simplified policy configuration for BGP community per-VRF

    • LDP-IGP as PE-CE device routing for carrier-of-carriers

    • IPv6 VPNs

    • Automatic configuration of route distinguishers on VPN PE routers

    • vrf-table-label for Layer 3 VPNs and Frame Relay uplinks

    • BGP and VRF option for vpn-apply-export statement

    • vrf-table-label for (non-VLAN) Ethernet P-PE uplinks

    • Path MTU discovery on IPv4 and IPv6 VPNs

    • IPv6 and OSPFv3 on VRF instances and running over tunnels

    • Peering with family inet unicast and inet label-unicast on the same session

    • VPN load-balancing between PE devices that have different route distinguishers

    • vrf-table-label for Layer 3 VPNs and ATM uplinks

    • Support for no-propagate-ttl on a per-VRF basis

    • CLI usability features for Layer 3 VPN

    • GRE tunnel through VRF

    • BGP policy to control VPN label allocation mode

    • MIB for route entries in VRF (RFC 4382)

    • PWT into VRF: logical tunnel redundancy

    • Increasing the number of Layer 3 VPNs with vrf-table-label configured

    • IRB in MPLS VRF

    • Multicast VRF route leaking

    • LSP ping for VPN LSPs

    • LSP ping for labeled BGP

    • CLI command show route bgp route-distiguisher for prefix

    [See Layer 3 VPNs User Guide for Routing Devices.]

    Label Distribution Protocol (LDP)

    • Client or server LDP mapping

    • LDP native IPv6 support

    [See MPLS Applications User Guide.]

    MPLS

    • LSP ping for CCC and CCC secondary standby LSP

    • LSP ingress traceroute

    • Advertising MPLS labels in IS-IS

    • Flexible MPLS label stack depth for segment routing

    • Point-to-point traceroute (support RSVP FEC at ingress and transit)

    • Leaking MPLS.0 routes between virtual routers and VRFs

    • Cross-connect logical interface to two unsignaled virtual circuits terminating on different egresses

    • RSVP automatic mesh: full mesh based on the need to resolve a BGP next hop

    • Edge node-failure protection of LDP signaled pseudowires

    • Label operations: push and swap push

    • Static Ethernet pseudowires double-label operation

    • PE devices

    • CLI support for monitoring MPLS label usage

    [See MPLS Applications User Guide.]

    MPLS-RSVP Point-to-Multipoint

    • Traffic-engineered LSPs with static explicit route object (ERO)

    • Traffic-engineered LSPs with link protection

    • Ultimate-hop popping for LSPs

    • Ingress PE redundancy for LSPs

    • Traffic engineering MIB

    • Interarea point-to-multipoint LSP

    • Load balancing over aggregated links

    • Multicast make-before-break

    • Admin-group for bypass LSPs

    [See MPLS Applications User Guide.]

    Multipoint LDP

    • Inband signalling

    • MIB

    [See MPLS Applications User Guide.]

    OCST: OpenConfig

    • BGP configuration to become network-instance compliant (v4.0.1)

    [See OpenConfig User Guide.]

    OpenConfig

    • BGP configuration model (v2.1.1)

    [See OpenConfig User Guide.]

    OSPF

    • Policy-based inbound route filtering

    • Active backbone detection

    • Multitopology routing OSPF

    • Export external route to multiple area scoped type 7 LSAs

    • OSPFv3 SNMP MIB

    • Route install prioritization

    • Database protection

    • Per-prefix LFA

    • Option to overload stub networks through OSPF overload

    [See OSPF User Guide.]

    OSPFv3

    • Address family support

    • MIB support according to RFC5643

    Path Computation Element Protocol (PCEP)

    • MD5 authentication for PCC/PCEP

    • Point-to-multipoint

    • No-ERO or loose ERO support

    • Path computation for segment routing LSP

    • Support for PCEP MIB

    • Support for latest version of PCEP RFC 8231

    • PCE support for RSVP-TE

    Programmable Routing Protocol (PRPD)

    • gRIBI RIB programming interface

    • BGP SR-TE policy AFI

    • BGP flowspec AF

    • Move programmed routes to hidden state upon next-hop interface failure

    [See Juniper Extension Toolkit API Guide.]

    Segment Routing

    • Advertising MPLS labels in OSPF

    • BGP-LS with SPRING extensions

    • LDP mapping client

    • Advertising MPLS labels in IS-IS

    • RSVP interoperability

    • Static LSP with label stack

    • Adjacency SID support for different use cases (IS-IS)

    • Anycast and prefix segments and interarea (OSPF)

    • TI-LFA procedures for link and node protection (IS-IS and OSPF)

    • Static adjacency SID support for different use cases (OSPF)

    • Enabling first hop as segment ID instead of IP address

    • LDP mapping server

    • BGP triggered dynamic creation of colored SR-TE tunnels

    • Policy-based multipath routes

    • TI-LFA using SRMS routes (IS-IS)

    • Advertise traffic engineering attributes for segment routing irrespective of RSVP-TE

    • Flexible algorithm (IS-IS only)

    • MPLS-SR for IPv6 prefix and adjacency SID (IS-IS)

    • Segment routing global block (SRGB) for OSPF

    • MPLS ping and traceroute (IS-IS and OSPF for IPv4 only)

    • BGP binding SID (draft-previdi-idr-segment-routing-te-policy)

    • Segment list path ERO support using IP address as next hop and loose mode

    [See Understanding Source Packet Routing in Networking (SPRING).]

    VPN

    • Graceful restart for CCC

    • Generalized VPN MIB

Services Applications

  • Support for multiple collectors in inline active flow monitoring (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, you can configure inline active flow monitoring to export flow records to up to four different collectors. Previously, inline active flow monitoring could only export flow records to a single collector.

    [See Configuring Inline Active Flow Monitoring on PTX Series Routers.]

  • Reporting of the true incoming interface for the sample packets for inline active flow monitoring (PTX10003)—Starting in Junos OS Evolved Release 20.3R1, inline active flow monitoring reports the true incoming interface for the GRE-de-encapsulated packets entering the router for the configured inline active flow monitoring filter criteria.

    [See Understanding Inline Active Flow Monitoring and Configuring Flow Aggregation to Use IPFIX Flow Templates on PTX Series Routers.]

  • Support for RFC 5357 Two-Way Active Measurement Protocol (TWAMP) monitoring service (PTX10003)—Starting in Junos OS Evolved 20.3R1, you can configure the TWAMP monitoring service on PTX10003 routers. This service sends out probes to measure network performance. TWAMP is often used to check compliance with service-level agreements. For Junos OS Evolved, TWAMP is configured at the [edit services monitoring twamp] hierarchy level. The support for this service is limited to the following:

    • IPv4 traffic only for control sessions and test sessions

    • Probe statistics and history

    • Control and test session status

    • Test session probe generation and reception, as well as reflection

    • Timestamps set by the Routing Engine or the Packet Forwarding Engine

    • Error reporting through system log messages only

    • Unauthenticated mode only

    [See Understanding Two-Way Active Measurement Protocol on Routers.]

Software Licensing

  • Juniper Agile Licensing (QFX5220-32CD, QFX5220-128C, PTX10003-80C, and PTX10003-160C) —Starting in Junos OS Evolved Release 20.3R1, we’re moving toward license-based software features. We now use Juniper Agile Licensing to support soft enforcement for software features on the listed devices.

    Juniper Agile Licensing provides simplified and centralized license administration and deployment. You can install and manage licenses for hardware and software features using Juniper Agile Licensing.

    From this release onwards, you can now opt to use the Juniper Agile License Manager to significantly improve the ease of license management for an entire network of supported devices.

    If you are upgrading to this release, you need new license keys to use the features on the listed devices. Contact Customer Care to exchange license keys for Junos OS releases earlier than Junos OS Evolved Release 20.3R1.

    Table 3 describes the licensing support on the QFX5220-32CD and QFX5220-128C devices.

    Table 3: Licensed Features on the QFX5220-32CD and QFX5220-128C

    QFX Switch License Model

    Detailed Features

    Standard license for integrated SKUs (standard hardware and software platform)

    Filters (Layer 2 and Layer 3), Layer 2 (xSTP, 802.1Q, LAG), Layer 3 (static), QoS (Layer 2 and Layer 3), and SNMP

    Advanced license for integrated and advanced SKUs

    Advanced 1: BGP, FBF, GRE, IS-IS, JTI, MC-LAG, OSPF, sFlow, VRF, and VRRP

    Advanced 2: Includes Advanced 1 features + CFM, Layer 2 and Layer 3 multicast, OAM, Packet Timestamping, PTP, and Q-in-Q

    Premium license for integrated and premium SKUs

    Includes Advanced 2 features + EVPN-MPLS, MPLS, Layer 2 circuit, Layer 3 VPN, LDP, RSVP, segment routing, and SR-TE

    Table 4 describes the licensing support for the PTX10003-80C and PTX10003-160C devices.

    Table 4: Licensed Features on the PTX10003-80C and PTX10003-160C

    License Model

    Detailed Features for Fabric Management

    Scale

    Security License

    Standard

    Filters (Layer 2 and Layer 3), Layer 2 (xSTP, 802.1Q, LAG), Layer 3 (static), quality of service or QoS (Layer 2 and Layer 3), and SNMP

    64K FIB

    K stands for 1000.

    The PTX10003 router supports the MACsec feature, but you must purchase a license separately to use the feature.

    Advanced

    Advanced 1

    BGP, FBF, GRE, IS-IS, Junos telemetry interface (JTI), OSPF, sFlow, VRF, and VRRP

    256K FIB, 3M RIB, and 1K VR

    M stands for million.

    Advanced 2

    Advanced 1 features, CFM, EVPN-VXLAN, Multicast, OAM, PTP, and Q-in-Q

    256K FIB, 3M RIB, and 1K VRs/VRF (VXLAN)

    Premium

    Premium 1

    Advanced 2 features, EVPN-MPLS, IPFIX, Layer 2 circuit, Layer 3 VPN, LDP, RSVP, SR, and SR-TE

    2M FIB, 6M RIB, 1K VRs/VRF (VXLAN), 32 VRF (MPLS Layer 3 VPN), and 32K LSP

    Premium 2

    Premium 1 features and fine-grained QoS

    2M to 4M FIB, 60M to 80M RIB, 1K+ VRs/VRF (VXLAN), 32+ VRF (MPLS Layer 3 VPN), and 32K+ LSP

    * Scaling is based on the device capacity.

    [See Supported Features on QFX5220-32CD and QFX5220-128C device, Supported Features on PTX10003-80C and PTX10003-160C device, Juniper Agile Licensing Guide, and Configuring Licenses in Junos OS.]

User Interface and Configuration

  • Support for virtual routing and forwarding (VRF) and source address (PTX10008)—Starting in Junos OS Evolved release 20.3R1, VRF and source address is supported for NTP.

    [See Virtual Routing Instances and source-address.]

What's Changed

Learn about what changed in Junos OS Evolved Release 20.3R1 for the PTX10003 and PTX10008.

Interfaces and Chassis

  • Change in support for interface-transmit-statistics statement—You cannot configure aggregated Ethernet interfaces to capture and report the actual transmitted load statistics by using the interface-transmit-statistics statement. Aggregated Ethernet interfaces do not support reporting of the transmitted load statistics. In Junos OS Evolved release 20.3R1, the interface-transmit-statistics statement is not supported in the aggregated Ethernet interfaces hierarchy. In earlier releases, the interface-transmit-statistics statement was available in the aggregated Ethernet interfaces hierarchy but not supported.

Junos OS XML API and Scripting

  • Changes to Junos XML RPC request tag names (PTX Series, QFX Series)—The Junos XML request tag name for some operational RPCs has been updated to ensure consistency across the Junos XML API. Devices running Junos OS will still accept the old request tag names, but we recommend using the new names going forward. The following changes have been made:

    • Most, but not all, request tag names that start with show replace show with get in the name.

    • Any uppercase characters are converted to lowercase.

    [See Junos XML API Explorer - Operational Tags.]

Known Limitations

Learn about limitations in this release for the PTX10003 and PTX10008.

For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • Some XML tags for the show system buffers command are missing in Junos OS Evolved. PR1429626

  • On PTX Series devices running Junos 19.3R1, the show ddos-protection protocols eoam oam-cfm command returns blank output. This command is supposed to be disabled on PTX Series devices. There is no functional impact; it is just an extra visible command option that has no functionality. PR1456043

  • During fabric link bringup/fabspoked-fchip restart/sib offline or sib online, /re0/fabspoked-fchip might not respond to CLI commands (show chassis sibs). This is indicated by the following output on CLI error: communication failure with /re0/fabspoked-fchip/.

    1. The producer app is either down or unresponsive. Run the show system processes node node | grep app command to check if the app is running. Run the show system application app to check the state of the app.

    2. If there is a change in mastership recently, wait for the switchover to complete for the app to be online. Run request chassis routing-engine master switch check to check the status of switchover. If the command is reissued after training or detraining reaches a steady state, valid output shows up in the CLI. PR1459430

  • On PTX10008 routers, the subsystem within the Packet Forwarding Engine continues to monitor the ASIC for new interrupts even for the ASIC for which all the interfaces are disabled. On an ASIC that has all the interfaces disabled due to a fatal error, all the new interrupts that are reported after the fatal event should be ignored. PR1470391

  • PTX10008 graceful OIR leads to missing of sensor data for power and temperature. Follow the optimized step given as a workaround to have OIR working. PR1478951

  • Restarting the fabspoked-pfe application for the line card restarts the line card. PR1486023

  • The local repair time for fast reroute is 50 ms. If the system has a scaling configuration or is heavily loaded for processing, the local repair time may be longer than 50 ms. In this case, it gets 65 ms local repair time. PR1489139

  • Fabric drops counter shows 0 in the show pfe statistics traffic CLI command output. PR1494226

  • On the PTX10003 router, it takes around 40 seconds for traffic to flow through all 4093 VLANs after the configuration is committed. PR1496757

  • On PTX10003, with a MAC scale of 32,000, the MAC learning rate achieved is 15,000 MAC entries per second and with a MAC scale of 64,000, it is 6000 MAC entries per second. PR1498568

  • SA and DA reject interface filters are not supported on PTX10008. PR1500789

  • PCIe AER uncorrectable errors might be seen on the console when SIBs are powered off during system boot, when CLI is offline or when a new Routing Engine connects to the SIBs after mastership switchover. These errors are expected and are not indicative of underlying functional issues. PR1501647

  • When an FPC is removed ungracefully, an alarm is generated indicating Fpcx Node unreachable. This alarm is cleared only when the FPC is plugged back into the same slot. PR1503450

  • It was found that DSCP mark action for inet6 is not supported in Junos OS Evolved Packet Forwarding Engine. We might observe unexpected behavior if a filter is configured with IPv6 DSCP mark action. PR1504463

  • MAC entries are stuck in l2ald or l2alm for some time after the clear ethernet switching command is executed. PR1507812

  • Software works as designed. For a faulty link, after autoheal was triggered by jresil and before the action is completed, if fabspoked-fchip restarts, the link stays in fault state, after the app restarts. PR1508915

  • Once the FPC restarts, the related FPC UDP statistics are not exported and the only way to recover from this state is to reboot the device under test and resubscribe to UDP sensor again. PR1516432

  • MPLS ping does not work for RSVP LSP with UHP configured. PR1517870

  • If a ZF pio fault is hit followed by a second ZF pio fault on the same sib before the sib has completely recovered from the first one, it may result in nondeterministic state of fabric links to/from the impacted sib. PR1519855

  • For PTX10008 platforms, input or output bytes under ifd statistics include Layer 2 header. PR1524650

  • In Junos OS Evolved 20.3, fabsopke-fchip generates a core file if fabsopke-fchip restarts and SIB offline happens one after other with in the same minute. Any previous alarm does not get cleared. PR1525577

  • We see 34% when we set to have 50%. For example: the following configuration is meant to see 50% traffic mirrored; however, we see 34% mirrored:

    set forwarding-options port-mirroring instance Ins1 input run-length 10

    set forwarding-options port-mirroring instance Ins1 input rate 20 PR1527129

Interfaces and Chassis

  • When highly accelerated life test is carried out on PTX10003, FPC error messages egp_intr_pkt_trapcode are seen on the console. There is no direct impact on control plane protocol or to data traffic. PR1425508

  • On PTX10003, when the Picd app restarts, sometimes the 10GbE link status remains down. The link can be recovered by disabling or enabling the remote end. PR1488146

  • When the loopback configuration is applied to a LAG (aggregated Ethernet) interface, the interface goes down. PR1497591

MPLS

  • LMP is not supported on Junos OS Evolved platforms PR1524699

User Interface and Configuration

  • For large YANG files, augmentation might not work. PR1416972

Open Issues

Learn about open issues in this release for the PTX10003 and PTX10008.

For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service (CoS)

  • Support import - Classifier/Rewrite. PR1483505

  • While configuring WRED profile to a scheduler, Please use either of a) any/any b) not-any/not-any combination of protocol and Loss priority.. PR1524259

Fault Management

  • CRC errors on interface might result in Cmerror and ASIC errors in logs. PR1499291

General Routing

  • The convergence time is of the order of 3508 ms for OSPF or IS-IS (50,000 routes scale, which is equivalent to 14,253 routes per second). In case of BGP, it is of the order of around 17,000 routes per second. PR1379961

  • On disabling both the primary and secondary commit and then rollback and getting them up, traffic does not resume on primary. PR1382695

  • No application detected during unified ISSU in case the same application is in offline state in the base image. PR1438686

  • Traffic loss of up to 400 ms can be seen in MPLS FRR scenario. PR1472908

  • The JFlow sampled traffic might not get rate limited in host-pipe and cause drop in throughput of interfaces on PTX10008 routers. This issue is seen due to the missing code for rate-limiters specifically on PTX10008. PR1473844

  • Use traffic statistics instead of Packet Forwarding Engine statistics to understand the flow of traffic. PR1478244

  • UDP sensor streaming does not currently support FPC restart and Junos OS Evolved apps restart. PR1492096

  • On PTX10003-80C and PTX10003-160C systems, with sampling enabled and a FIB scale of 2 million, the rpd agent takes 8 minutes to complete restart after restart. PR1493882

  • The copying of files to the RCB over WAN ports is slow. This is observed across all platforms running Junos OS Evolved platforms.. PR1496895

  • On a PTX10008, six SIBs are required to carry line-rate traffic, with no fabric redundancy. Even when ingress traffic rate is such that five SIBs are sufficient to carry ingress traffic (for example, traffic is less than 1280 Gbps), ungraceful SIB failures result in transient loss of traffic, till system failure handling is triggered. In Junos OS Release 20.1R2, failure handling may result in about 4-6 seconds of traffic loss. We recommend that you take the fabric cards offline by using the request chassis sib offline command before removing the SIBs for maintenance.

    PR1497212

  • The hwdre: HWD_FIRMWARE_VERSION_READ_ERROR_NOTICE: Failed to get firmware version for fru Sib message is seen for each SIB after it is gracefully taken offline and brought online. This is expected behavior as the SIB version is read correctly during an online transition. Check that the SIB versions are being displayed correctly using show system firmware after the SIBs are online. PR1504156

  • Updates to fabric resiliency FS needed. PR1504567

  • When you add or delete IPv6 hash-key, the IPv4 and IPv6 source+destination address pair hashing is also disabled. Hence traffic load balancing does not work correctly.. PR1509694

  • BGP-SRTE binding-sid with more than one label stack needs enhancement for PTX10003-80C PTX10003-160C.

  • There is a small window during BGP neighbor or BGP RIB periodic streaming when the background telemetry job gets suspended, there is a possibility that the node which is being rendered is deleted or modified. If we are in middle of rendering value for that particular node, RPD might crash when telemetry job resumes since the node is no more valid. PR1512773

  • When upgrading from 20.3R1 to a future release which has an FPC type which is incompatible for restart upgrade, the user is prompted in CLI whether to offline the FPC or abort the upgrade. The cli command waits for one hour for the user to respond. In case the user does not respond in an hour, the CLI command request system software add | var | tmp | ptx.iso restart times out. Subsequent CLI software add or delete or rollback commands fail with software upgrade in progress. The workaround for this is to restart orchestratord, the application responsible for managing cli upgrade operations. Restarting orchestratord has no impact on the functioning of the system. The command is request system application app orchestratord node master re restart. PR1516384

  • When all 5X400 g ports are used inside 1 portion of Chip, there can be impact on the traffic throughput performace.. PR1518368

  • On all Junos OS Evolved systems with the scaled setup of 4k logical interfaces on the aggregated Ethernet interface and 8k policers on the firewall filter, the aggregated Ethernet interface might stay down after deactivating and then activating the firewall filter and the aggregated Ethernet interface. Traffic loss might be seen due to the aggregated Ethernet interface is down. PR1518601

  • [cos] [scheduler]When exact-rate is used along with strict- high scheduler priority, then interface queue rate might not be as expected. PR1519313

  • There is a delay enforced between back to back switchover. This is 360 seconds unless overridden by platform specific values. So, if the last switchover happened within the last 360 seconds, then it will give this error: Not ready for mastership switch, try after x seconds?. The show system switchover CLI output might show switchover Status: Ready. However, this field indicates the ready status of all applications on backup Routing Engine. This does not consider the back-to-back switchover delay. PR1519364

  • Command request system application restart app packetio-bt is no longer available. The way to restart packet I/O is by restarting entire line card. PR1527140

  • request system software sync command will fails if junos-evo-install-ptx-x86-64-19.4R2-S2.5-EVO is one of the installed version on master Routing Engine. PR1528163

  • PTX10008 Doon RCB does not raise alarm "Mixed Master and Backup RE types" when RE0 and RE1 have different FRU types. PR1529042

  • BGP switchover convergence rate is degraded by 42% on Junos OS Evolved 20.3R1. PR1529365

  • PTX10008 does not deploy on 19.4. With later images this issue is not seen. PR1529876

  • Software rollback from junos-evo-install-ptx-x86-64-19.4R2-S2.5-EVO is not supported to latest image. New release should be scratch installed even if image is available as rollback image. PR1529884

  • SR-TE label with BSID traffic gets dropped in PTX10003. Use the following configuration protocols source-packet-routing no-chained-composite-next-hop. PR1529933

  • For initial syncronization, carrier transition field is only valid for Mib2D. PR1530864

  • HTTP file transfers through wan ports could be slow resulting in longer file transfer times. PR1531192

  • FPC vmcore files can be stored at /var/lib/ftp/in/fpc_slot/ on RE0/RE1. PR1531214

  • Sometimes, an individual line card restart might render some of the interfaces on that FPC getting blocked. PR1536037

Interfaces and Chassis

  • [chassisd] [generic_evo] Junos OS Evolved PTX10003-80C and PTX10003-160C - fabspoked generates a core file on configuration and deletion fpc power off or on. PR1395788

MPLS

  • When no-propagate-ttl configuration is present on the router and we are doing an activate and deactivate of the MPLS configuration, RPD can core rarely at times generate a core file if the interface change messages arrive before TTL configuration change could take effect on the ingress Static LSP. This is due to the mismatch between the no-propagate-ttl values in the gateway in the route table and the gateway in the Next-Hop attached to the Static LSP . PR1528460

Network Management and Monitoring

  • PTX10001-36MR supports puppet agent version 3.6.1. Puppet does not work if master version is not 3.x since this is not backward compatible. PR1491329

Routing Protocols

  • Junos OS Evolved does not support for configuring interface name as next hop. PR1497012

User Interface and Configuration

  • In 19.4R1-EVO, this is a product limitation. Workaround is to use commit without any configuration changes from master Routing Engine in this use case. PR1465291

  • When changing the configuration between scale configuration and configuration containing no filter or apply-path, sometimes there is a delay in deleting the apply-path addresses. PR1492765

  • Compressed /var/log/ creation through file archive compress might fail on certain PTX platforms running Junos Evolved. PR1522339

Resolved Issues

Learn which issues were resolved in Junos OS Evolved Release 20.3R1 for the PTX10003 and PTX10008.

For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • LSP statistics CLI is slow in a scaled scenario during installation time. PR1416363

  • A configuration command to modify PCIe correctable and uncorrectable error thresholds on PTX10008 FPC. PR1462953

  • The telemetry cannot export the data of MPLS LSP. PR1489605

  • Traffic statistics are not updated for bypass LSP even though the traffic is flowing through the bypass LSP. PR1491467

  • Unexpected incomplete object notified by application controller causes aftmand crash. PR1491548

  • The evoaft-jvisiond core file is generated after GRES. PR1492059

  • sFlow ingress sampling reports wrong next hop in case IPv6 traffic is routed through LSP at ingress provider edge (PE) router. PR1492076

  • Traffic loss might be observed when CBF is configured on Junos OS Evolved PTX Series platforms. PR1492707

  • cmdd crashes when request system shutdown reboot disk1 command is executed. PR1492955

  • [cos] [scheduler] PTX10008:scheduler ingress Packet Forwarding Engine VOQ drop counters does not match egress queue drop counters, if difference is greater than 100,000. PR1494785

  • The CBF functionality does not work correctly on PTX10008 platform with Junos OS Evolved 20.1R1. PR1495119

  • Block software upgrade when image that is not compatible with the platform is used. PR1495655

  • The aftmand might crash when MPLS is enabled. PR1496057

  • Consistent hash information is missing : error: timeout communicating with Evo-Aft BT daemon. PR1496077

  • Sensor for physical Ethernet interface statistics is missing, for example: in-oversize-frame. PR1496275

  • The logical interface might disappear after switchover. PR1496887

  • Longevity: aggregated Ethernet logical interface disappears after switchover. PR1497285

  • There is a discrepancy of 22 bytes for the same packets between the firewall filter in Junos OS Evolved and in Junos OS. PR1503145

  • PTX10008: Aggregated Ethernet (AE) interface flaps causing next hops to contain wrong encapsulation information, with router having 800,000 IP routes, 2000 ingress LSPs, around 500 L3VPNs and LSPs have link protection enabled. PR1503260

  • The packetio crashes during the initialization and this might result in a second reboot. PR1505150

  • set system processes app failover other-routing-engine configuration not supported. PR1506480

  • Shapers applied on interface output queues, either through the transmit-rate exact or rate-limit configuration might not sometimes draw the expected output scheduler accuracy. PR1506855

  • On a PTX10008 router, we observe small packet loss randomly during SIB offline. PR1506866

  • The firewalld process would take too a long time to come online. PR1507433

  • The evo-aftmand process might be stuck at 100% CPU usage in a scaled setup. PR1511597

  • Packet Forwarding Engine generates MLP's with global-no-mac-learning enabled. PR1511601

  • Firewalld generates a core file after deleting and adding the filter back in a single commit. PR1512065

  • SIB <> FPC link errors seen prior to switchover do not get cleared when switchover is followed by SIB restart. PR1512272

  • Under rare circumstances, when multiple fabric cards go offline and are brought online in quick succession, the device might crash and reboot after reporting a kernel msmi error or zookeeper session failed error. PR1512633

  • The evo-aftmand-bt might crash if FPC offline is performed when the system comes up. PR1514722

  • Continuous evo-cda-bt CDA syslog error messages are observed during the negative triggers (AE configurations disable/enable and FPC restart). PR1515806

  • show system License detail does not reflect correct license usages after reboot. PR1515896

  • SNMP traps are not seen for 'fpc_link_to_sib_fault' when CCL link is brought down from ZF->BT. PR1516487

  • PTX10008: Do not configure confidentiality offset other than 0. PR1517985

  • request system zeroize command does not reboot the device. PR1518946

  • After request system application node re0 app fabricHub restart , interface drop and major dp_1_zfo_intr_dp1_fabcell_drop error. PR1519402

  • A large number of publish-deleted hwdre anomalies are dumped after 2nd iteration of switchover from re1 (master) to re0. PR1519427

  • The show interfaces voq intf | ae non-zero command is not working as expected and displays incorrect output. PR1521281

  • With traffic running, if the FPC that is connected to the traffic generator reboots, it might lead to stuck traffic scenario on certain ports post resumption. PR1523066

  • Hwdre generates a core file when trying to take faulty SIB to offline state. PR1527790

  • Multiple l2cpd core files are seen during commit. PR1528024

  • FCP will not boot if primary BIOS is corrupted (With FPC Primary BIOS corruption Golden BIOS failed to reprogram Primary). PR1528469

Infrastructure

  • ping does not work when we set record-route. PR1474649

  • Telnet login related issue with template (TACACS and Radius). PR1482363

Interfaces and Chassis

  • ssd information gets removed from show chassis hardware detail after hwdre app restart. PR1488706

  • After application restart - false optics alarms continue to persist although underlying optics does not have failures. PR1493230

  • PTX10008 with LC1201 - the ifmand process restarts at IFAManager::findIfaoInSameSubnet. PR1496361

  • Rarely can see fan not getting detected post system reboot. PR1517476

  • Minimum IFD MTU recommended with IPv6 configuration. PR1518692

  • Last Flapped of virtual interfaces like aggregated Ethernet is not updated when aggregated Ethernet transitions from DOWN to UP state PR1521978

Routing Policy and Firewall Filters

  • The system crashes after configuring filter with ICMP match conditions. PR1496740