New Features in JUNOS Release 10.2 for EX Series Switches

New features in Release 10.2 of JUNOS Software for EX Series switches are described in this section.

Not all EX Series software features are supported on all EX Series switches in the current release. For a list of all EX Series software features and their platform support, see EX Series Switch Software Features Overview.

New features are described on the following pages:

• Hardware
• Access Control and Port Security
• Bridging, VLANs, and Spanning Trees
• Class of Service (CoS)
• Infrastructure
• Layer 2 and Layer 3 Protocols
• Management and RMON
• Packet Filters

Hardware

• EX4500 switches—EX4500 switches provide high performance, scalable connectivity, and carrier-class reliability for high-density environments such as campus aggregation, branch offices, and data-center networks.

  EX4500 switches support the following optical transceivers:

  • EX-SFP-1GE-T (1000Base-T, 100 m)
  • EX-SFP-1GE-LX (1000Base-LX, 10 km)
  • EX-SFP-10GE-USR (10GBase-SR, 10 m, 30 m, 100 m)
  • EX-SFP-10GE-SR (10GBase-SR, 26 m, 33 m, 66 m, 82 m, 300m)
  • EX-SFP-10GE-LR (10GBase-LR, 10 km )
• Support for new optical transceiver on EX3200 and EX4200 switches—The SFP+ uplink module in EX3200 and EX4200 switches now supports one new optical transceiver: EX-SFP-10GE-USR (10GBase-SR, 10 m, 30 m, and 100 m).
• Support for new optical transceivers on EX8200 switches—EX8200 switches now support the following new optical transceivers:
  • The 8-port SFP+ line cards for EX8200 switches now support one new optical transceiver: EX-SFP-10GE-USR (10GBase-SR, 10 m, 30 m, and 100 m).
  • The 48-port SFP line cards for EX8200 switches now support three new optical transceivers: EX-SFP-1FE-LX (100Base-LX, 10 km), EX-SFP-1FE-LX40K (100Base-LX40K, 40 km), and EX-SFP-1FE-LH (100Base-LH, 80 km).

Access Control and Port Security

• Support for 802.1X authentication on EX8200 switches—802.1X provides network edge security by blocking access of devices attempting to connect to the LAN until their credentials are presented and matched on the authentication server (a RADIUS server). Support for 802.1X is the same on EX8200 switches as on other EX Series switches, with the exception of interfaces configured in multiple-supplicant or single-secure mode. The following configurations are not supported on EX8200 switches on interfaces in multiple-supplicant or single-secure mode:
  • Guest VLANS—Provides secure access to the LAN for corporate guests and for devices that fail the 802.1X authentication process.
  • Server-reject VLANs—Specifies that when the switch receives an Extensible Authentication Protocol Over LAN (EAPOL) Access-Reject message from the RADIUS authentication server, then devices attempting to access the LAN are moved to a specific VLAN and granted access.
  • Server fail fallback—Allows you to specify how 802.1X supplicants (hosts) connected to the switch are supported if the RADIUS authentication server becomes unavailable or sends an EAPOL Access-Reject message.

Bridging, VLANs, and Spanning Trees

• RSTP configuration with VSTP—VSTP and RSTP can now be configured concurrently. When VSTP and RSTP are configured concurrently, the first 253 VLANs are configured with VSTP and the remaining VLANs are configured using RSTP. This feature allows users to overcome a previous restriction that only allowed VSTP to run on up to 253 VLANs while no other spanning-tree protocols could run on the additional VLANs.

  RSTP and VSTP are the only spanning-tree protocols that can be configured concurrently on an EX Series switch.

Class of Service (CoS)

• Enhancements to CoS rewrite rules on EX8200 switches—The following enhancements have been made to CoS rewrite rules on EX8200 switches:
  • Rewrite rules based on multifield (MF) classifiers are now supported.
  • Rewrite rules can now be assigned to Layer 2 interfaces, in addition to the previously supported Layer 3 interfaces and routed VLAN interfaces (RVIs).
  • Rewrite rules are now supported for switched packets.
  • Each interface can have different rewrite rules. You are no longer limited to a single global rewrite rule for all interfaces on the switch.
• Interface-specific IPv6 classifiers and rewrite rules—EX3200 and EX4200 switches now allow you to configure and apply IPv6 classifiers and rewrite rules for each interface.

Infrastructure

• Enhancements to power management on EX8200 switches—Power management on EX8200 switches now allows you to configure certain aspects of its power budget policy, which determines how it manages the power supplies and allocates power to various components. You can:
  • Configure power management to manage the power supplies for N+N power redundancy instead of N+1 redundancy.
  • Assign a power priority to line cards. This allows higher priority cards to receive power when power is insufficient to power all line cards. Previously, when power was insufficient, all line cards were powered off. Now line cards receive power in priority order until available power is exhausted.
• Distributed periodic packet management—The responsibility for PPM processing on an EX Series switch is now distributed between the Routing Engine and either the access interfaces (on EX3200 and EX4200 switches) or the line cards (on EX8200 switches) by default. PPM previously ran solely on the Routing Engine. We recommend that you disable distributed PPM and run PPM just on the Routing Engine only if there is a compelling reason to disable distributed PPM.
• Enhancements to LCD menus—Using CLI commands, administrators can disable the Status menu, the Maintenance menu, and the options in these menus to prevent users from viewing certain details about the switch and from configuring and troubleshooting the switch from the LCD menu.
• IPv6 path maximum transmission unit discovery—The IPv6 path maximum transmission unit (MTU) discovery feature is now available on EX8200 switches.

Layer 2 and Layer 3 Protocols

• IPv6 virtual routing and forwarding (VRF) multicast—IPv6 multicast traffic is now supported for VRF on EX3200, EX4200, and EX8200 switches.

Management and RMON

• 802.1ag OAM support on EX3200 and EX4200 switches—802.1ag is an IEEE standard for connectivity fault management (CFM). The following features are supported: continuity check protocol, linktrace protocol, and loopback protocols.
• sFlow enhancements on EX Series switches—You can configure the IP address to be assigned to the sFlow agent and the IP address to be used in sFlow datagrams. By configuring the IP addresses, you can ensure that the IP addresses are not dynamic and do not change when the switch restarts.

Packet Filters

• Enhancements to firewall filter actions supported on EX8200 switches—The log, reject, and syslog actions are now supported for ingress firewall filters on EX8200 switches. The reject action is supported on Layer 3 interfaces (router firewall filters) only.

Related Topics

• Changes in Default Behavior and Syntax in JUNOS Release 10.2 for EX Series Switches
• Limitations in JUNOS Release 10.2 for EX Series Switches
• Outstanding Issues in JUNOS Release 10.2 for EX Series Switches
• Resolved Issues in JUNOS Release 10.2 for EX Series Switches
• Errata in Documentation for JUNOS Release 10.2 for EX Series Switches
• Upgrade and Downgrade Issues for JUNOS Release 10.2 for EX Series Switches