Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

EVPN

  • Tunnel endpoint in the PMSI tunnel attribute field for EVPN Type 3 routes (ACX5448, EX4600, EX4650, EX9200, and QFX10002)—Starting in Junos OS Release 21.1R1, you can set the tunnel endpoint in the provider multicast service interface (PMSI) tunnel attribute field to use the ingress router’s secondary loopback address. When you configure multiple loopback IP addresses on the local provider edge (PE) router and the primary router ID is not part of the MPLS network, the remote PE router cannot set up a PMSI tunnel route back to the ingress router.

    To configure the router to use a secondary IP address that is part of the MPLS network, include the pmsi-tunnel-endpointpmsi-tunnel-endpoint statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level for both EVPN and virtual-switch instance types.

    [See EVPN.]

  • Support for remote port mirroring based on VNI match conditions (QFX10002, QFX10008, QFX10016)—Starting in Junos OS Release 21.1R1, You can use VXLAN network identifier (VNI) values as a match condition when filtering traffic for remote port mirroring. VNI packets that match the configured VNI will be mirrored, with the VNI packet contents, on the designated interface. This addition extends functionality introduced in previous releases.

    [See Filter-based forwarding in EVPN-VXLAN networks and Remote port mirroring to an IP address.]

  • Explicit congestion notification (ECN) over VXLAN tunnels (EX4650 and QFX5120)—Starting in Junos OS Release 21.1R1, by default, standalone EX4650 and QFX5120 switches support explicit congestion notification (ECN) for packets that are encapsulated across VXLAN tunnels, as follows:

    • During VXLAN encapsulation at the source virtual tunnel endpoint (VTEP), the switch copies the ECN bits of the Type-of-Service (ToS) field from the original packet IP header to the outer VXLAN encapsulation IP header.

    • During VXLAN de-encapsulation at the remote VTEP, the switch copies the ECN bits of the ToS field from the outer VXLAN encapsulation IP header to the original packet IP header.

    You can configure the vxlan-disable-copy-tos-encap statement or the vxlan-disable-copy-tos-decap statement at the [edit forwarding-options] hierarchy on the encapsulation or de-encapsulation ends of the tunnel, respectively, to disable the ECN copy operation.

    Note:

    These switches also copy the differentiated services code point (DSCP) bits in the ToS field of the IP header upon VXLAN encapsulation and de-encapsulation by default, and the same statements disable copying both the DSCP and ECN bits.

    [See vxlan-disable-copy-tos-encap and vxlan-disable-copy-tos-decap.]