Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

What’s Changed in Release 21.1R1

Authentication, Authorization, and Accounting (AAA)

  • SSH session connection limit and rate limit per connection (QFX Series)—We have introduced the connection-limit and rate-limit options at the set system services ssh hierarchy levels. The default connection limit value is 75 connections, and the default rate limit value is 3 connections per second. Junos OS measures the rate limit value per minute but Junos OS Evolved measures the rate limit value per second.

EVPN

  • Unresolved hosts identified in MAC-IP address entries (QFX5130-32CD, QFX5220)—When you use the show ethernet-switching mac-ip-table command to display the MAC-IP entries in the Ethernet switching table, unresolved hosts are identified with a Ur flag.

General Routing

  • SSH session connection limit and rate limit per connection (PTX Series and QFX Series)—We have introduced SSH connection-limit and rate-limit options at the edit system services ssh hierarchy levels to enable SSH connection limit and rate limit per connection. The default connection limit value is 75 connections and there is no default value associated with rate limit.

    [See Configuring Sub Line Cards and Assigning Them to GNFs.]

Junos XML API and Scripting

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX event scripts (ACX Series, PTX Series, and QFX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX commit scripts (ACX Series, PTX Series, and QFX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX commit scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

Layer 2 Features

  • Modification to sync-reset command (ACX Series, PTX Series, and QFX Series)—Starting from this release, the sync-reset command is disabled by default on all the Junos OS Evolved platforms. The Sync-reset command enables the device to send the sync bit in the LACP packets on minimum-link failure. Previously the sync-reset command was enabled by default on QFX Series, while it was by default disabled on PTX Series and ACX series.

    [See sync-reset.]

  • New commit check for MC-LAG (PTX Series, QFX Series)—We've introduced a new commit check to check the values assigned to the redundancy group identification number on the MC-AE interface ( redundancy-group-id) and ICCP peer (redundancy-group-id-list) when you configure multichassis aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In previous releases, if the configured values were different, the l2ald process would crash.

    [See iccp and mc-ae.]

  • Unresolved hosts identified in MAC-IP address entries (QFX5130-32CD and QFX5220)—When you use the show ethernet-switching mac-ip-table command to display the MAC-IP entries in the ethernet switching table, unresolved hosts are identified with a Ur flag.

Network Management and Monitoring

  • Support for specifying the YANG modules to advertise in the NETCONF capabilities and supported schema list (ACX Series, PTX Series, and QFX Series)—You can configure devices to emit third-party, standard, and Junos OS native YANG modules in the capabilities exchange of a NETCONF session by configuring the appropriate statements at the [edit system services netconf hello-message yang-module-capabilities]. In addition, you can specify the YANG schemas that the NETCONF server should include in its list of supported schemas by configuring the appropriate statements at the [edit system services netconf netconf-monitoring netconf-state-schemas] hierarchy level.

    [See hello-message and netconf-monitoring.]

Routing Protocols

  • Recommendation to include the local-address statement when configuring IBGP and multihop EBGP—When a device peers with a remote device's loopback interface address, use the local-address statement at the [edit protocols bgp group internal-peers] hierarchy to specify the source information in BGP update messages. Although a BGP session can be established when only one of the paired routing devices has local-address configured, we strongly recommend that you configure local-address on both paired routing devices for IBGP and multihop EBGP sessions. The local-address statement ensures that deterministic fixed addresses are used for the BGP session end-points.

    [See local-address (Protocols BGP) and BGP Peering Sessions.]

System Management

  • Support for exclude option under file archive (ACX Series, PTX Series, and QFX Series)—The exclude option is added under the command file archive that specifies the file pattern to exclude. This option helps to exclude files that delay compression or files that do not require compression.

    [See file archive.]

User Interface and Configuration

  • Verbose format option to export JSON configuration data (ACX Series, PTX Series, and QFX Series)—The Junos OS CLI exposes the verbose statement at the [edit system export-format json] hierarchy level. We changed the default format to export configuration data in JavaScript Object Notation (JSON) from verbose to ietf in an earlier release. You can explicitly specify the default export format for JSON configuration data by configuring the appropriate statement at the [edit system export-format json] hierarchy level. Although the verbose statement is exposed in the Junos OS CLI as of the current release, you can configure this statement in earlier releases.

    [See export-format.]