Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    SRX Series Features Not Supported on vSRX

    vSRX inherits many features from the Series product line. Table 1 lists SRX Series features that are not applicable in a virtualized environment, that are not currently supported, or that have qualified support on vSRX.

    Table 1: SRX Series Features Not Supported on vSRX

                                                  

    SRX Series Feature

    vSRX Notes

    Application Layer Gateways

    Avaya H.323

    Not supported

    Authentication with IC Series Devices

    Layer 2 enforcement in UAC deployments

    Not supported

    Note: UAC-IDP and UAC-UTM also are not supported.

    Chassis Cluster Support

    Note: Support for chassis clustering to provide network node redundancy is only available on a vSRX deployment in VMware, KVM, and Windows Hyper-V Server 2016.

    Chassis cluster for VirtIO driver

    Only supported with KVM

    Note: The link status of VirtIO interfaces is always reported as UP, so a vSRX chassis cluster cannot receive link up and link down messages from VirtIO interfaces.

    Dual control links

    Not supported

    In-band and low-impact cluster upgrades

    Not supported

    LAG and LACP (Layer 2 and Layer 3)

    Not supported

    Layer 2 Ethernet switching

    Not supported

    Low-latency firewall

    Not supported

    PPPoE over redundant Ethernet interface

    Note: Starting in Junos OS Release 15.1X49-D100, the vSRX supports Point-to-Point Protocol over a redundant Ethernet interface (PPPoE).

    Not supported

    SR-IOV interfaces

    Not supported (see the Known Behavior section of the vSRX Release Notes for more information about SR-IOV limitations).

    Class of Service

    High-priority queue on SPC

    Not supported

    Tunnels

    Only GRE and IP-IP tunnels supported

    Data Plane Security Log Messages (Stream Mode)

    TLS protocol

    Not supported

    Diagnostics Tools

    Flow monitoring cflowd version 9

    Note: Starting in Junos OS Release 15.1X49-D80, the vSRX supports J-Flow version 9 flow monitoring on a chassis cluster.

    Not supported

    Ping Ethernet (CFM)

    Not supported

    Traceroute Ethernet (CFM)

    Not supported

    DNS Proxy

    Dynamic DNS

    Not supported

    Ethernet Link Aggregation

    LACP in standalone or chassis cluster mode

    Not supported

    Layer 3 LAG on routed ports

    Not supported

    Static LAG in standalone or chassis cluster mode

    Not supported

    Ethernet Link Fault Management

    Physical interface (encapsulations)

    ethernet-ccc
    ethernet-tcc

    Not supported

    extended-vlan-ccc
    extended-vlan-tcc

    Not supported

    Interface family

    ccc, tcc

    Not supported

    ethernet-switching

    Not supported

    Flow-Based and Packet-Based Processing

    End-to-end packet debugging

    Not supported

    Network processor bundling

    Not supported

    Services offloading

    Not supported

    Interfaces

    Aggregated Ethernet interface

    Not supported

    IEEE 802.1X dynamic VLAN assignment

    Not supported

    IEEE 802.1X MAC bypass

    Not supported

    IEEE 802.1X port-based authentication control with multisupplicant support

    Not supported

    Interleaving using MLFR

    Not supported

    PoE

    Not supported

    PPP interface

    Not supported

    PPPoE-based radio-to-router protocol

    Not supported

    PPPoE interface

    Note: Starting in Junos OS Release 15.1X49-D100, the vSRX supports Point-to-Point Protocol over Ethernet (PPPoE) interface.

    Not supported

    Promiscuous mode on interfaces

    Only supported if enabled on the hypervisor

    IP Security and VPNs

    Acadia - Clientless VPN

    Not supported

    DVPN

    Not supported

    Hardware IPsec (bulk crypto) Cavium/RMI

    Not supported

    IPsec tunnel termination in routing instances

    Supported on virtual router only

    Multicast for AutoVPN

    Not supported

    Suite B implementation for IPsec VPN

    Not supported

    IPv6 Support

    DS-Lite concentrator (aka AFTR)

    Not supported

    DS-Lite initiator (aka B4)

    Not supported

    J-Web

    Enhanced routing configuration

    Not supported

    New Setup Wizard (for new configurations)

    Not supported

    PPPoE Wizard

    Not supported

    Remote VPN Wizard

    Not supported

    Rescue link on dashboard

    Not supported

    UTM configuration for Kaspersky antivirus and the default Web filtering profile

    Not supported

    Log File Formats for System (Control Plane) Logs

    Binary format (binary)

    Not supported

    WELF

    Not supported

    Miscellaneous

    GPRS

    Note: Starting in Junos OS Release 15.1X49-D70 and Junos OS Release 17.3R1, the vSRX supports GPRS.

    Not supported

    Hardware acceleration

    Not supported

    Logical systems

    Not supported

    Outbound SSH

    Not supported

    Remote instance access

    Not supported

    USB modem

    Not supported

    Wireless LAN

    Not supported

    MPLS

    CCC and TCC

    Not supported

    Layer 2 VPNs for Ethernet connections

    Only if promiscuous mode is enabled on the hypervisor

    Network Address Translation

    Maximize persistent NAT bindings

    Not supported

    Packet Capture

    Packet capture

    Only supported on physical interfaces and tunnel interfaces, such as gr, ip, and st0. Packet capture is not supported on redundant Ethernet interfaces (reth).

    Routing

    BGP extensions for IPv6

    Not supported

    BGP Flowspec

    Not supported

    BGP route reflector

    Not supported

    Bidirectional Forwarding Detection (BFD) for BGP

    Not supported

    CRTP

    Not supported

    Switching

    Layer 3 Q-in-Q VLAN tagging

    Not supported

    Transparent Mode

    UTM

    Not supported

    Unified Threat Management

    Express AV

    Not supported

    Kaspersky AV

    Not supported

    Upgrading and Rebooting

    Autorecovery

    Not supported

    Boot instance configuration

    Not supported

    Boot instance recovery

    Not supported

    Dual-root partitioning

    Not supported

    User Interfaces

    NSM

    Not supported

    SRC application

    Not supported

    Junos Space Virtual Director

    Only supported with VMware

    Modified: 2017-09-11