Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

What's New

 

This section describes new features and enhancements to existing features in Junos OS Release 18.4 for vSRX.

What’s New in Junos OS Release 18.4R3 for vSRX

There are no new features or enhancements to existing features for vSRX in Junos OS Release 18.4R3.

What’s New in Junos OS Release 18.4R2 for vSRX

There are no new features or enhancements to existing features for vSRX in Junos OS Release 18.4R2.

What’s New in Junos OS Release 18.4R1 for vSRX

This section describes new features and enhancements to existing features in Junos OS Release 18.4R1 for vSRX (without vSRX 3.0 features) and vSRX 3.0.

For more information, see Overview of the available virtual SRX models, vSRX and vSRX 3.0.

Flow-Based and Packet-Based Processing

  • vSRX on VMware (scale-up performance enhancements and Mellanox support on vSRX)—Starting in Junos OS Release18.4R1, the vSRX virtual appliance supports one control plane vCPU, an increase of up to 8 or 16 data plane vCPUs, and an increase of up to 16 or 32 GB in the vRAM size. Also, a vSRX instance deployed on VMware supports SR-IOV on the Mellanox ConnectX-4 family of adapters.

    [See Understanding vSRX with VMware.]

Interfaces and Routing

  • Adjustable MTU configuration on vSRX virtual interfaces (vSRX)—Starting in

    Junos OS Release 18.4R1, the maximum transmission unit (MTU) settings are adjustable on the vSRX virtual interfaces so that a vSRX instance can operate on VXLAN-based clouds. Adjustable MTU settings are supported for the fxp0, em0, fab0, and fab1 interfaces. You can adjust the MTU values by setting the mtu option of the set interfaces [fxp0 | em0 | fab0 | fab1] command to a value between 256 and 9192.

    [See Understanding Interface Physical Properties.]

Performance and Scaling

Platform and Infrastructure

  • AWS Elastic Load Balancing support (vSRX 3.0)—Starting in Junos OS Release 18.4R1, vSRX supports Amazon Web Services (AWS) Elastic Load Balancing (ELB) using application load balancers for AWS deployments. Application load balancers automatically distribute incoming application traffic and scale resources to meet traffic demands.

    [See Requirements for vSRX on AWS.]

  • AWS Elastic Network Adapter support (vSRX 3.0)—Starting in Junos OS Release 18.4R1, vSRX C5 instances with two vCPUs and 4-GB memory support the AWS Elastic Network Adapter (ENA). The ENA provides a network interface optimized to deliver high throughput and packet per second (pps) performance, and consistently low latencies on Amazon EC2 instances. Using the ENA, vSRX C5 instances can utilize up to 20 Gbps of network bandwidth.

    [See Requirements for vSRX on AWS.]

  • Configuration drive support with cloud-init (vSRX)—Starting in Junos OS Release 18.4R1, the cloud-init functionality in vSRX is extended to support the use of a configuration drive data source in an OpenStack environment. The configuration drive uses the user data attribute to pass a validated Junos OS configuration file to the vSRX instance. The user data can be plain text or the MIME file type text or plain. The configuration drive has a maximum size of 64 MB, and must be formatted with either the virtual file allocation table (VFAT) or the ISO 9660 file system.

    [See Using Cloud-Init in an OpenStack Environment to Automate the Initialization of vSRX Instances.]

  • vSRX (vSRX 3.0)—Starting in Junos OS Release 18.4R1, the vSRX instance supports guest OS with vSRX 3.0 having five vCPUs and eight gigabit vRAM with single-root I/O virtualization over Intel 82599 series for improved scalability and performance.

    [See Specifications for vSRX 3.0 on KVM, Specifications for vSRX 3.0 on VMware and Software Requirements.]

Supported vSRX Software Architectures in Junos OS Release 18.4

Junos OS Release 18.4 supports two software architectures.

Figure 1 shows the high-level vSRX software architecture.

Figure 1: vSRX Software Architecture



vSRX Software Architecture

Figure 2 shows the high-level vSRX 3.0 software architecture with new features.

Figure 2: vSRX 3.0 Software Architecture
vSRX 3.0 Software Architecture

Supported Features

For details about Junos OS features supported on vSRX, see Feature Explorer: vSRX.

Supported Features References

Table 1 lists documentation references to Junos OS features that are supported on vSRX.

Note

Some vSRX features require a license. See vSRX Feature Licenses Overview for more details.

Table 1: Documentation References for Junos OS Features Supported on vSRX

Feature

Feature Documentation

vSRX Platform

Application Firewall (AppFW)

Application Firewall Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Application Identification (AppID)

Understanding Application Identification Techniques

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Application Layer Gateways (ALGs)

ALG Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Application Quality of Service (AppQoS)

Understanding Application QoS (AppQoS)

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Attack Detection and Prevention (ADP)

Attack Detection and Prevention Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Chassis cluster support for Virtio driver

Chassis Cluster Overview

KVM

Chassis cluster support for VMXNET3 driver

Chassis Cluster Overview

VMware

Chassis cluster support for Windows Hyper-V Server 2016

Chassis Cluster Overview

Hyper-V

Class of service (CoS)

Understanding Class of Service

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Dynamic Host Configuration Protocol (DHCP)

Understanding Interfaces

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Flow and packet processing

Juniper Networks Devices Processing Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Intrusion Detection and Prevention (IDP)

Understanding Intrusion Detection and Prevention

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

IPsec VPN

IPsec VPN Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Multiprotocol Label Switching (MPLS)

MPLS Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Multicast

Multicast Overview

VMware, KVM, and Contrail

Network Address Translation (NAT)

Introduction to NAT

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Routing protocols

Junos OS Routing Protocols Library

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Security building bocks

Understanding Security Basics

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Transparent mode

Ethernet Switching and Layer 2 Transparent Mode Overview

VMware, KVM, and Contrail

Unified Threat Management (UTM)

Unified Threat Management Overview

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

User authentication

Understanding User Authentication for Security Devices

VMware, KVM, Contrail, AWS, Azure, and Hyper-V

Unsupported Features

While vSRX supports many of the Junos OS features supported on other SRX Series devices, not all features are supported. For information about Junos OS features that are not supported on vSRX, see Known Behavior and SRX Series Features Not Supported on vSRX for specific support limitations.