Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

What’s Changed in Release 21.1R1

General Routing

  • Updates to ON-CHANGE and periodic dynamic subscriber interface metadata sensors (MX Series routers and EX9200 line of switches)—We've made the following updates to the /junos/system/subscriber-management/dynamic-interfaces/interfaces/meta-data/interface<user-typing>sid='<variable>sid-value</variable>'</user-typing>/ sensor:

    • Notifications are sent when subscribers log in on either IP demux or VLAN demux interfaces. In earlier releases, login notifications are sent only for IP demux logins.

    • The interface-set end path has been added to the logical interface metadata. The interface-set field appears in both ON-CHANGE and periodic notifications. In earlier releases, this field is not included in the sensor metadata or notifications.

    [See gRPC Sensors for Subscriber Statistics and Queue Statistics for Dynamic Interfaces and Interface-Sets (Junos Telemetry Interface).]

  • New commit check for MC-LAG (MX Series)—We've introduced a new commit check to check the values assigned to the redundancy group identification number on the MC-AE interface (redundancy-group-id) and ICCP peer (redundancy-group-id-list) when you configure multichassis link aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In previous releases, if the configured values were different, the l2ald process would crash.

    [See iccp.]

  • Support for unicast ARP request on table entry expiration—You can configure the device to send a unicast ARP request instead of the default broadcast request when an ARP table entry is about to expire. The retry requests are unicast at intervals of 5 seconds. Without this option, the retry requests are broadcast at intervals of 800 milliseconds. This behavior reduces ARP overall broadcast traffic. It also supports the use case where access nodes are configured not to forward broadcast ARP requests toward customer CPEs for security reasons and instead translate ARP broadcasts to unicast requests. To confirm whether the device is configured, you can issue the following command: show configuration system arp | grep unicast-mode-on-expire

    [See arp.]

  • Update to the show chassis errors active output (MX2010 and MX2020 routers with MPC11E)—We have updated the show chassis errors active output for the MPC11E line card (MX2K-MPC11E) to display the correct error information. Previously, this CLI command displayed duplicate or incorrect output when the MPC11E line card is not installed in slot 0 of the MX2010 or MX2020 routers.

    [See show chassis errors active.]

  • CLI commit error resolved—CLI commit error for configuration statement no-filter-check for family any port mirroring is now resolved.

    [See no-filter-check.]

Interfaces and Chassis

  • Hardware-assisted timestamping—By default, hardware assistance is used for timestamping Ethernet frame delay frames on AFT-based MX Series line cards, even if hardware-assisted-timestamping is not configured.

    [See Enabling the Hardware-Assisted Timestamping Option.]

  • Change in <range> XML tag (MX480)—We've changed the <range> string </range> XML tag to <transport-range> <transport-range-info> string </transport-range-info> <transport-range-suspect-flag> string </transport-range-suspect-flag> <transport-range-reason> string </transport-range-reason> </transport-range> under the [show interfaces transport pm optics current <interface> | display] hierarchy in the XML output. Hence, the new XML tags that associate the values to the range-info, range-suspect-flag, and range-reason tags map the information to the given show interfaces transport pm optics current interface | display entry.

    [See Supported OTN Options on MX Series Routers.]

Junos XML API and Scripting

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX commit scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX commit scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX event scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

  • Python 2.7 deprecation (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—Starting in Junos OS Release 21.1R1, devices running Junos OS no longer support Python 2.7. We've deprecated the corresponding language python statement at the [edit system scripts] hierarchy level. To execute Python scripts, configure the language python3 statement at the [edit system scripts] hierarchy level to execute the scripts using Python 3.

    [See Understanding Python Automation Scripts for Devices Running Junos OS.]

Layer 2 Ethernet Services

Active leasequery-based bulk leasequery (MX Series)—The overrides always-write-option-82 and relay-option-82 circuit-id configuration at the [edit forwarding-options dhcp-relay] hierarchy level is not mandatory for active leasequery-based bulk leasequery. In releases before Junos OS Release 21.1R1, the overrides always-write-option-82 and circuit-id configurations are mandatory for active leasequery-based bulk leasequery. For regular bulk leasequery between relay and server without any active leasequery, the overrides always-write-option-82 and relay-option-82 circuit-id configurations are mandatory.

[See bulk-leasequery (DHCP Relay Agent).]

Network Management and Monitoring

  • Support for specifying the YANG modules to advertise in the NETCONF capabilities and supported schema list (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—You can configure devices to emit third-party, standard, and Junos OS native YANG modules in the capabilities exchange of a NETCONF session by configuring the appropriate statements at the [edit system services netconf hello-message yang-module-capabilities] hierarchy level. In addition, you can specify the YANG schemas that the NETCONF server should include in its list of supported schemas by configuring the appropriate statements at the [edit system services netconf netconf-monitoring netconf-state-schemas] hierarchy level.

    [See hello-message and netconf-monitoring.]

  • Support for disconnecting unresponsive NETCONF-over-SSH clients (ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—You can enable devices to automatically disconnect unresponsive NETCONF-over-SSH clients by configuring the client-alive-interval and client-alive-count-max statements at the [edit system services netconf ssh] hierarchy level. The client-alive-interval statement specifies the timeout interval in seconds, after which, if no data has been received from the client, the device requests a response. The client-alive-count-max statement specifies the threshold of missed client-alive responses that triggers the device to disconnect the client, thereby terminating the NETCONF session.

    [See ssh (NETCONF).]

User Interface and Configuration

Verbose format option to export JSON configuration data (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The Junos OS CLI exposes the verbose statement at the [edit system export-format json] hierarchy level. We changed the default format to export configuration data in JavaScript Object Notation (JSON) from verbose to ietf starting in Junos OS Release 16.1R1. You can explicitly specify the default export format for JSON configuration data by configuring the appropriate statement at the [edit system export-format json] hierarchy level. Although the verbose statement is exposed in the Junos OS CLI as of the current release, you can configure this statement starting in Junos OS Release 16.1R1.

[See export-format.]

VPNs

View the traffic selector type for an IPsec tunnel (SRX Series and MX Series)—You can run the show security ipsec security-associations detail command to display the traffic selector type for a VPN. The command displays proxy-id or traffic-selector as a value for the TS Type output field based on your configuration.

[See show security ipsec security-associations.]