New and Updated Features

Layer3-Layer4 Access Control Lists (Firewall Filters)—Starting with Juniper Cloud-Native Router Release 24.1, we support stateless firewall filters. Firewall filters provide a means of protecting the cloud-native router from excessive traffic transiting the router to a network destination or destined for the Routing Engine. A stateless firewall filter, also known as an access control list (ACL), does not statefully inspect traffic. Instead, it evaluates packet contents statically and does not keep track of the state of network connections. JCNR supports the IPv4 and IPv6 standard firewall filters with specific match conditions and actions.

SRv6 Micro-SIDs Support: JCNR supports SRv6 micro-SIDs. SRv6 is a segment routing paradigm applied to an IPv6 underlay with a new IPv6 extension header called Segment Routing Header (SRH). If a packet is required to be guided via multiple nodes, the SRv6-SIDs need to be stacked up using the SRH. This presents additional bandwidth and processing overhead. Thus, micro-SIDs are envisaged where multiple SRV6-addresses can be compressed into a single IPv6-address, greatly reducing bandwidth overhead and requirement of SRH for up to 6 typical SRv6-SIDs. JCNR supports specific features for SRv6 micro-SIDs, including support for flex-algorithm.

SR-MPLS Flex-Algo Support: JCNR now supports flexible-algorithm (flex-algo) for SR-MPLS implementations.

JCNR Telemetry via gNMI: JCNR now supports telemetry data via gNMI derived both from vRouter and cRPD. The gNMI protocol defines the Subscribe RPC for subscribing to telemetry data. The telemetry collector uses this RPC to request updates from the network device for state and configuration data.

JCNR eBPF XDP Datapath: The JCNR vRouter forwarding plane supports the extended Berkley Packet Filter (eBPF) eXpress Data Path (XDP) datapath for high-speed packet processing as a Juniper Networks technology preview feature. A Linux kernel technology, eBPF executes user-defined programs inside a sandbox virtual machine. It enables low-level networking programs to execute with optimal performance. The XDP framework enables high-speed packet processing for the eBPF programs. JCNR supports XDP in native (driver) mode on Baremetal servers for specific drivers only.

Manage vRouter Performance with Kubernetes CPU Manager: JCNR now provides the ability to manage the CPU allocation for the vRouter agent and vRouter DPDK pods using Kubernetes CPU manager.

Full Support for Azure deployment —JCNR now fully supports deployment on Microsoft Azure Cloud Platform.

Support for Mellanox NICs: JCNR supports the Mellanox ConnectX-6 and ConnectX-7 NICs as a Juniper Networks technology preview (Tech Preview) feature.

TWAMP Support: JCNR now supports managed and light Two-Way Active Measurement Protocol (TWAMP) implementation. TWAMP is a network performance measurement and monitoring service used for active performance monitoring of 5G transport networks.

Configlet Custom Resource for JCNR Configuration: JCNR configuration is now supported using a configlet custom resource. The configlet can be generated either by rendering a predefined template of supported Junos configuration or using raw configuration. The generated configuration is validated and deployed on the JCNR controller (cRPD) as one or more Junos configuration groups.

Support for VMWare Tanzu Deployment: JCNR is now supported on the VMware Tanzu platform. VMware Tanzu allows you to run Kubernetes natively in your VMware vSphere environment.

Wind River Cloud Platform Pre-Bound Interfaces: We now allow you to pre-bind your JCNR interfaces to DPDK for L3 mode deployments. Pre-binding interfaces to DPDK is typical for Wind River installations.

JCNR AWS VPC Gateway: The JCNR AWS VPC Gateway is a turnkey JCNR-based application that connects your EKS cluster running MetalLB with your on-premises cluster over EVPN-VXLAN. It runs in its own EKS cluster using custom resources that make use of the underlying JCNR implementation.

New Features in Juniper Cloud-Native Router Release 24.2