Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for ACX Series

 

These release notes accompany Junos OS Release 20.4R1 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

This section describes the new features or enhancements to existing features in Junos OS Release 20.4R1 for the ACX Series.

Hardware

  • We've added the following features to the ACX5448 in Junos OS Release 20.4R1.

    Table 1: Features Supported by the ACX5448 Routers

    Feature

    Description

    Authentication, Authorization and Accounting

    • Support for 802.1X authentication on Layer 3 interfaces. 802.1X is an IEEE standard for port-based network access control that authenticates users connected to a LAN port. [See 802.1X Authentication.]

    Automation

    • Support for either WAN interfaces or management interfaces to automatically download and install the appropriate software and the configuration file on your device during the ZTP bootstrap process. [See Zero Touch Provisioning.]

    Class of service (CoS)

    • Support for up to three levels of hierarchical scheduling (physical interfaces, logical interfaces, and queues). Configurable buffer support is also added. By default, all interfaces on the ACX5448 use port-based scheduling (eight queues per physical port). To enable hierarchical scheduling, set the hierarchical-scheduler statement at the [edit interfaces interface-name] hierarchy level. [See Hierarchical Class of Service in ACX Series Routers.]

    Ethernet OAM

    • Support for Ethernet OAM CFM. You can now synchronize local-interface status between two connected devices with remote interface up/down trigger with OAM CFM. CFM provides end-to-end signals even if the two devices are not directly connected. [See Introduction to OAM Connectivity Fault Management (CFM).]

    EVPN

    • Support for EVPNs and Interfaces. In EVPN-MPLS and MC-LAG environments, the configuration of anycast gateways on ACX5448 routers that are multihomed in all-active mode is supported. [See Anycast Gateways.]

    Layer 2 features

    Layer 3 features

    • Support for Layer 3 VPN in MC-LAG chassis. ACX5448 routers support Layer 3 VPN in VRRP over IRB interfaces in MC-LAG routers. Layer 3 routing and Layer 3 VPN are not directly supported on the MC-LAG interfaces. [See Understanding VRRP and Understanding Layer 3 VPNs.]

    Network Security

    • Support for control plane DDoS protection, which is enabled by default on ACX5448 routers for many Layer 2 and Layer 3 protocols. Control Plane DDoS protection uses firewall filters and policers to discard or rate-limit control plane traffic at the Routing Engine level, which prevents malicious traffic from interfering with device operations. You can disable this feature or change the default policer parameters for supported protocol groups. [See Control Plane Distributed Denial-of-Service (DDoS) Protection Overview]

    Software installation and upgrade

    • Support for the ACX5448-M-LT, a top-of-rack router that supports only Junos Limited image. The Junos Limited image does not have data-plane encryption and is intended only for countries in the Eurasian Customs Union because these countries have import restrictions on software containing data-plane encryption. Unlike the JunosWorldwide image, the Junos Limited image supports control plane encryption through Secure Shell (SSH) and Secure Sockets Layer (SSL), thus allowing secure management of the system. [See ACX5448 System Overview.]

    Timing and synchronization

  • Support for SFP-1GE-LH-ET transceivers (ACX1100 and ACX2100)—Starting in Junos OS Release 20.4R1, the ACX1100 and ACX2100 Universal Metro Routers support the SFP-1GE-LH-ET transceivers.

    [See the Hardware Compatibility Tool (HCT) for details.]

  • Support for SFP-GE80KT14R15 and SFP-GE80KT15R14 transceivers (ACX5448, ACX5448-D, and ACX5448-M)—Starting in Junos OS Release 20.4R1, the ACX5448, ACX5448-D, and ACX5448-M Universal Metro Routers support the SFP-GE80KT14R15 and SFP-GE80KT15R14 transceivers.

    [See the Hardware Compatibility Tool (HCT) for details.]

  • Support for SFPP-10GE-DWDM-IT transceivers (ACX5448, ACX5448-D, and ACX5448-M)—Starting in Junos OS Release 20.4R1, the ACX5448, ACX5448-D, and ACX5448-M Universal Metro Routers support the SFPP-10GE-DWDM-IT transceivers.

    [See the Hardware Compatibility Tool (HCT) for details.]

High Availability (HA) and Resiliency

  • NSR support for IS-IS with SR (ACX Series, MX Series)—Starting in Junos OS Release 20.4R1, ACX Series devices support NSR for IS-IS with segment routing (SR). To use NSR, you must first enable GRES on your device.

    [See Nonstop Active Routing Concepts]

Junos Telemetry Interface

  • JTI support for persistent active gRPC sessions between collector and server during an SSL certificate update (ACX Series, MX Series, and PTX Series)—Junos OS Release 20.4R1 supports persistent active remote procedure call (gRPC) sessions between the collector (client) and server during an SSL certificate update.

    For secure channel authentication, the TLS protocol is used to maintain a secure channel between the collector and the server. TLS uses the server certificate and the client certificate to authenticate each other and send encrypted messages over the network. When an SSL certificate is updated, existing gRPC sessions are abruptly terminated, forcing the collector to initiate a new gRPC connection and subscribe to sensors again.

    To avoid this problem, you can enable persistent active gRPC sessions by configuring hot-reloading at the [edit system services extension-service request-response grpc ssl] hierarchy level. After you enable this feature, gRPC sessions will remain active even when authentication certificates are updated.

    After the certificate is updated, any new gRPC session will use the updated certificate.

    [See gRPC Services for Junos Telemetry Interface and ssl.]

  • Juniper Resiliency Interface for exception reporting and null route detection (ACX Series, PTX Series, and MX Series)—Starting in Junos OS Release 20.4R1, you can use Juniper Resiliency Interface to detect and reduce Mean Time to Repair (MTTR) first-order network issues. Juniper Resiliency Interface uses a push model for data reporting from the entities in the system which encounter packet drops. This automates the workflow for detecting, reporting, and mitigating adverse exceptions.

    To collect kernel routing table and routing protocol process exceptions, configure the set system resiliency exceptions statement at the [edit] hierarchy level to specify exception reporting based on kernel exceptions, and routing exceptions.

    You can display exceptions from a remote collector by means of remote procedure call (gRPC) services or gRPC network management interface (gNMI) services. Display on-box exceptions by accessing the /var/log file or the database at /var/db/ResiliencyExceptions.db. No Junos operational mode commands display these exceptions.

Routing Protocols

  • Support for multiple single-hop EBGP sessions on different links using the same IPv6 link-local address (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—Starting in Junos OS Release 20.4R1, you are no longer required to have unique peer addresses for Juniper devices for every EBGP session. You can now enable single-hop EBGP sessions on different links over multiple directly connected peers that use the same IPv6 link-local address.

    In earlier Junos OS Releases, BGP peers could be configured with link-local addresses, but multiple BGP peers could not be configured to use the same link-local address on different interfaces.

    [See Configure Multiple Single-Hop EBGP Sessions on Different Links Using the Same Link-Local Address (IPv6).]

Timing and Synchronization

  • Support for PTP G.8275.2 profile (ACX710)—Starting in Junos OS Release 20.4R1, we support the Precision Time Protocol (PTP) G.8275.2 profile with node type T-BC-P (BC).

    You can use the [edit protocols ptp profile-type g.8275.2 ] hierarchy level to configure the G.8275.2 profile.

    [See Understanding the Time Management Administration Guide and profile-type.]

What's Changed

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 20.4R1 for the ACX Series routers.

General Routing

  • Support for unicast ARP request on table entry expiration—You can configure the device to send a unicast ARP request instead of the default broadcast request when an ARP table entry is about to expire. The retry requests are unicast at intervals of 5 seconds. Without this option, the retry requests are broadcast at intervals of 800 milliseconds. This behavior reduces ARP overall broadcast traffic. It also supports the use case where access nodes are configured not to forward broadcast ARP requests toward customer CPEs for security reasons and instead translate ARP broadcasts to unicast requests. To confirm whether this is configured, you can issue the following command: show configuration system arp | grep unicast-mode-on-expire.

    [See arp.]

  • Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers. Previously, support for the gigether-statement was deprecated. See gigether-options and

MPLS

  • The show mpls lsp extensivel and show mpls lsp detail commands display next-hop gateway LSPid — When you use the show mpls lsp extensivel and show mpls lsp detail commands, you'll see next-hop gateway LSPid in the output.

Network Management and Monitoring

  • Warning changed for configuration statements that correspond to "deviate not-supported" nodes in YANG data models (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—If you configure a statement corresponding to a YANG data model node that defines the deviate not-supported statement, the Junos OS configuration annotates that statement with the comment Warning: statement ignored: unsupported platform. In earlier releases, the warning is Warning: 'statement' is deprecated.

Routing Protocols

  • Inet6 is disabled in VT interface (ACX5448)—Starting in this release, the inet6 statement at the edit interfaces vt-interface-number unit unit-number family hierarchy level is disabled.

User Interface and Configuration

  • Verbose format option to export JSON configuration data (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The Junos OS CLI exposes the verbose statement at the edit system export-format json hierarchy level. The default format to export configuration data in JSON changed from verbose format to ietf format starting in Junos OS Release 16.1R1. You can explicitly specify the default export format for JSON configuration data by configuring the appropriate statement at the edit system export-format json hierarchy level. Although the verbose statement is exposed in the Junos OS CLI as of the current release, you can configure this statement starting in Junos OS Release 16.1R1.

    [See export-format.]

Known Limitations

Learn about known limitations in this release for the ACX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • On the ACX710 router, Servo moves to the Holdover-in/Holdover-out/Acq state from the Phase-aligned state with impairment. PR1550367

  • On the ACX710 router, PTP with Vlan-id-range does not work for specific VLANs. PR1550482

  • On the ACX710 router, the holdover error HOLDOVER OUT OF SPEC does not reset during the Servo state change. PR1556798

Timing and Synchronization

  • On the ACX5448 router, the two-way time error and CTE for 1 PPS does not meet the class A metrics. PR1535434

  • On the ACX5448-M router, the 1 PPS CTE does not meet the class A performance in 1-Gigabits interface. PR1542744

  • On the ACX5448 router, due to BRCM KBP issue route lookup might fail. PR1533557

  • On the ACX5448 router, ping stops working even though the ARP entry is present during continuous script executions. PR1533513

  • On the ACX710 router, T1 or T4 cTE should be tuned closer to two-way CTE. PR1527347

  • On the ACX710 router, huge offset is observed initially with ACQ and holdover inspec and outspec conditions. PR1534470

  • On the ACX710 router, the incremental PTP FPGA upgrades do not bundle along with the regular image upgrades. PR1540799

  • On the ACX710 router, changing the PTP profile type from g.8275.1 to g.8275.2 requires the Packet Forwarding Engine to reboot and the clksyncd process to restart. As a workaround, you must reboot the Packet Forwarding Engine and restart the clocking process before you change the profile. PR1546614

  • On the ACX710 router, the Servo transition is incorrect after chassis restart. PR1550270

  • On the ACX710 router, the delay-asymmetry compensation update does not work at CLI with the G.8275.2 profile. PR1550441

  • On the ACX710 router, the PTP Servo status shows holdover during transition between virtual port and PTP. PR1510880

  • On the ACX710 router, if the client clock candidate is configured with a virtual port, the clock class is on T-BC. PR1520204

  • On the ACX710 router, the SyncE to 1PPS transient test results do not meet G.8273.2 SyncE to 1PPS transient metric. PR1522796

  • On the ACX710 router, the clock parameters are incorrect in certain scenarios when the Servo is in the FREERUN state. PR1548192

  • On the ACX710 router, the PTP Servo takes longer time to lock after the clksyncd process restarts. PR1549952

  • On the ACX710 router, the show ptp global-information command does not display correct Clock Class or ESMC QL details when the Servo goes to the Holdover-in state. PR1553213

  • On the ACX710 router, the Servo transition is incorrect during the T-GM switchover scenario. PR1553439

Open Issues

Learn about open issues in this release for the ACX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service (CoS)

  • Unexpected behavior of Class of Service is observed with the wildcard classifier. PR1559516

General Routing

  • On the ACX5448 router, latency is observed for the host-generated ICMP traffic. PR1380145

  • Tx power cannot be configured using the + sign. PR1383980

  • On the ACX710 router, alarm is not raised when booting the system with recovery snapshot. PR1517221

  • On the ACX5448 router, the BGPV6LU traffic drop is observed when the node is deployed in ingress. PR1538819

  • On the ACX500-I router, the show services session count does not work as expected. PR1520305

  • The ARP packets from the CE device are added with VLAN tag if the VLAN-ID is configured in the EVPN routing instance. PR1555679

  • On the ACX710 router, the global configuration of IPv4-dscp naming convention must be corrected as per the stream level dscp, which is more meaningful for both the the IPv6 and IPv4 services. PR1557262

  • On the ACX5448 router, the unicast packets from the CE devices might be forwarded by the PE devices with additional VLAN tag if IRB is used. PR1559084

  • On the ACX5048 router, the fxpc process generates core file on the analyzer configuration. PR1559690

  • On the ACX5448 router, the following syslog message is reported every 30 seconds; ACX_DFW_CFG_FAILED: ACX Error (dfw):dnx_dfw_dyn_entry_counter_get : Entry is invalid. PR1562323

  • On the ACX5448 router, the transit DHCPv4 and DHCPv6 packets drop in a Layer 2 domain. PR1517420

  • On the ACX5448 router, the ISSU upgrade fails due to the Packet Forwarding Engine restart issue. PR1554915

  • On the ACX5048 router, all the OAM sessions are not established. PR1561751

  • Even though enhanced-ip is active, the following alarm is observed during ISSU: RE0 network-service mode mismatch between configuration and kernel setting. PR1546002

  • The ACX5448 device as TWAMP server delays the start session acknowledgment by 10 seconds. PR1556829

  • On the ACX2100 device, laser-output-power is seen after the interface is disabled and rebooted. PR1560501

  • Inline BFD stays down with IS-IS or Static clients. PR1561590

Platform and Infrastructure

  • The CFM REMOTE MEP does not come up after configuration or if the MEP remains in the Start state. PR1460555

VPNs

  • On the ACX5448 router, the MC-AE Layer 2 circuit states are not updated instantly and for some time after disabling the core interface on the MC-LAG active node, double hit in traffic is observed. PR1543408

Resolved Issues

This section lists the issues fixed in Junos OS Release 20.4R1 for the ACX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Forwarding and Sampling

  • VLAN-ID based firewall match conditions might not work for the VPLS service. PR1542092

General Routing

  • The gigether-options command is enabled again under the interface hierarchy. PR1430009

  • Repeated powering-off or powering-on of the device, the SMBUS transactions timeout occurs. PR1463745

  • On the ACX5048 router, the egress queue statistics do not work for the aggregated Ethernet interfaces. PR1472467

  • On the ACX5048 router, traffic loss is observed during the unified ISSU upgrade. PR1483959

  • The following syslog error message is observed: ACX_DFW_CFG_FAILED. PR1490940

  • On the ACX5048 and ACX5096 routers, the LACP control packets might be dropped due to high CPU utilization. PR1493518

  • On the ACX710 router, high convergence is observed with the EVPN-ELAN service in a scaled scenario during FRR switchover. PR1497251

  • On the ACX5448 router, the EXP rewrite for the Layer 3 VPN sends all traffic with incorrect EXP. PR1500928

  • The following error message is observed during MPLS route add, change, and delete operation: mpls_extra NULL. PR1502385

  • The ACX1100, ACX2100, ACX2200, ACX2000, and ACX4000 routers might stop forwarding transit and control traffic. PR1508534

  • On the ACX710 router, the Packet Forwarding Engine might crash and the fpc process might remain down. PR1509402

  • The loopback filter cannot take more than 2 TCAM slices. PR1513998

  • On the ACX710 router, the following error message is observed in the Packet Forwarding Engine while the EVPN core link flaps: dnx_l2alm_add_mac_table_entry_in_hw. PR1515516

  • The VM process generates a core file while running stability test in a multidimensional scenario. PR1515835

  • The l2ald process crashes during stability test with traffic on a scaled setup. PR1517074

  • On the ACX710 router, whenever a copper optic interface is disabled and enabled, the speed shows 10 Gbps rather than 1 Gbps. This issue is not seen with the fiber interface. PR1518111

  • Tagged traffic matching the vlan-list configuration in the vlan-circuit cross-connect logical interface gets dropped in the ingress interface. PR1519568

  • The Incompatible Media alarm is not raised when the Synchronous Ethernet source is configured over the copper SFP. PR1519615

  • On the ACX710 router, the alarm port configuration is not cleared after deleting the alarm-port. PR1520326

  • PTP to 1PPS noise transfer test fails for frequency 1.985 Hz. PR1522666

  • The show class-of-service interface command does not show the classifier information. PR1522941

  • Interface does not come up with the auto-negotiation setting between the ACX1100 router and the other ACX Series routers, MX Series routers and QFX Series switches as the other end. PR1523418

  • With the ACX5448 router with 1000 CFM, the CCM state does not go in the Ok state after loading the configuration or restarting the Packet Forwarding Engine. PR1526626

  • On the ACX5448 and ACX710 routers, the vlan-id-list statement might not work as expected. PR1527085

  • The FEC field is not displayed when the interface is down. PR1530755

  • The show class-of-service routing-instance does not show the configured classifier. PR1531413

  • Memory leak in Local OutLif in VPLS/CCC topology is observed. PR1532995

  • The clksyncd process generates core file on Junos OS Release 20.3R1.3 image. PR1537107

  • The rpd process generates core file at l2ckt_vc_adv_recv, l2ckt_adv_rt_flash (taskptr=0x4363b80, rtt=0x4418100, rtl=< optimized out>, data=< optimized out>, opcode=< optimized out>) at ../../../../../../../../../src/junos/usr.sbin/rpd/l2vpn/l2ckt.c:7982. PR1537546

  • The Management Ethernet link down alarm is observed while verifying the system alarms in the Virtual Chassis setup. PR1538674

  • On the ACX5448 router, unexpected behavior of the show chassis network-services command is observed. PR1538869

  • The following error message is observed while deleting the remote stream 0 0 0 0 0 0 along with feb core file at 0x00ae6484 in bcmdnx_queue_assert (queue=0xc599b60) at ../../../../../src/pfe/common/drivers/bcmdnx/bcmdnx_sdk_ukern_layer.c: Err] clksync_mimic_delete_clock_entry Unexpected error. PR1539953

  • The announcement or synchronization interval rate range is not as expected. PR1542516

  • Synchronization Ethernet goes in the Holdover state and comes back to the Locked state when the PTP configuration is deleted. PR1546681

  • The ACX5448 router as transit for the BGP labeled unicast drops traffic. PR1547713

  • Multicast traffic is stopped when HQoS with multicast configurations are applied. PR1551248

  • With the no-local-switching command, traffic between the local and remote CE devices are affected. PR1527231

  • On the ACX710 router, the T-BC-P switch-over performance fails beyond the standard mask and servo moving to multiple Holdover-in state, Acquiring state, Holdover-in state, Holdover-out state, and Acquiring state. PR1556087

  • Running SNMP MIB walk and executing the show interfaces command might cause the picd process to crash. PR1533766

  • On the ACX5448 router, you cannot downgrade to Junos OS Release 18.4 code-base. PR1556377

  • BIND does not sufficiently limit the number of fetches while processing referrals. PR1512212

  • The clksyncd process generates core file during the stability test with traffic and scale. PR1518253

  • The fxpc process generates core file during EEPROM read when SFP is removed. PR1518480

  • On the ACX5448 routers, multicast traffic loop over ICL might be observed. PR1521113

  • On the ACX710 router, PIR/CIR HQoS behavior is inconsistent. PR1525789

  • Error messages are displayed while attaching tcp on physical interfaces. PR1527541

  • The l2cpd memory leak might be observed with the aggregated Ethernet interface flap. PR1527853

  • Upon classifying the Layer 3 packets, DSCP is not preserved and is lost at the egress due to the limitations of a chipset. PR1535876

  • Other than IPv4 and IPV6, other IPs should not be forwarded. Only IP header with version 4 and 6 can pass through. PR1550748

  • Profile switch between G.8275.1 and G.8275.2 works as expected. PR1533263

Interfaces and Chassis

  • The fpc process might crash in the inline mode with CFM configured. PR1500048

Layer 2 Features

  • On the ACX5448 routers, the VPLS traffic statistics are not displayed when the show vpls statistics command is executed. PR1506981

  • The rpd might crash on the new primary Routing Engine after GRES in the VPLS or Layer 2 circuit scenario. PR1507772

Routing Protocols

  • The rpd process might report 100 percent CPU usage with the BGP route damping enabled. PR1514635

  • On the ACX5448 routers, the family inet6 configuration under the vt- interface is disabled. PR1514595

Documentation Updates

There are no errata or changes in Junos OS Release 20.4R1 documentation for ACX Series routers.

Migration, Upgrade, and Downgrade Instructions

This section contains the upgrade and downgrade support policy for Junos OS for ACX Series routers. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 19.3, 19.4, and 20.1 are EEOL releases. You can upgrade from Junos OS Release 19.3 to Release 19.4 or from Junos OS Release 19.3 to Release 20.1.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://www.juniper.net/support/eol/junos.html.

For information about software installation and upgrade, see the Installation and Upgrade Guide.