Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

What’s Changed in Release 21.2R1

General Routing

  • SSH session connection limit and rate limit per connection (PTX Series and QFX Series)—We have introduced SSH connection-limit and rate-limit options at the edit system services ssh hierarchy levels to enable SSH connection limit and rate limit per connection. The default connection limit value is 75 connections and there is no default value associated with rate limit.

  • Secure boot disabled alarm is raised (PTX10008)—The Secure boot disabled alarm is raised when the system boots with secure boot disabled in bios.

  • Fault alarm generated for feed failure on a DC power supply (PTX10008)-A fault alarm is generated when only one of the feeds on a DC power supply (A0 and B0 or A1 and B1) is faulty.

  • Enhancement to the show chassis pic command (Junos OS Evolved)— You can now view additional information about the optics when you run the show chassis pic command. The output now displays the following additional field:

    MSA Version: Multi-source Agreements (MSA) version that the specified optics is compliant to. Values supported are: SFP+/SFP28 — SFF-8472 (versions 9.3 - 12.3), QSFP+/QSFP28 — SFF 8363 (versions 1.3 - 2.10), and QSFP-DD — CMIS 3.0, 4.0, 5.0.

    Previously, the show chassis pic command did not display this additional field.

    [See show chassis pic.]

EVPN

  • Support for displaying SVLBNH information —You can now view shared VXLAN load balancing next hop (SVLBNH) information when you display the VXLAN tunnel endpoint information for a specified ESI and routing instance by using show ethernet-switching vxlan-tunnel-end-point esi esi-identifier esi-identifier instance instance svlbnh command.

Interfaces and Chassis

  • Fabric OAM is disabled by default (PTX10003-80C and PTX10003-160C)—We've disabled the fabric Operation, Administration, Maintenance (OAM) feature, which helps in detecting failures in fabric paths. This release does not support disabling this feature by using the set chassis fabric oam detection-disable. In Junos OS Evolved Release 20.4R1, the fabric OAM feature was enabled by default.

    [See Error Handling by Fabric OAM.]

Junos XML API and Scripting

  • Changes to how command-line arguments are passed to Python op scripts (ACX Series, PTX Series, and QFX Series)—When the device passes command-line arguments to a Python op script, it prefixes a hyphen (-) to single-character argument names, and it prefixes two hyphens (--) to multi-character argument names. The prefix enables you to use standard command-line parsing libraries to handle the arguments. In earlier releases, the device prefixes a single hyphen (-) to all argument names.

    [See Declaring and Using Command-Line Arguments in Op Scripts.]

  • The language python statement is enabled by default (ACX Series, PTX Series, and QFX Series)—The language python statement is configured by default in the junos-defaults configuration group on devices running Junos OS Evolved. Thus, you can execute unsigned Python scripts using the default Python version without explicitly configuring the statement on the device.

    [See Requirements for Executing Python Automation Scripts on Devices Running Junos OS.]

  • Python 3 add-on modules (PTX Series)—Junos OS Evolved includes additional Python 3 libraries and modules, which Python scripts can import and use.

    [See Overview of Python Modules on Devices Running Junos OS.]

Network Management and Monitoring

  • Changes to <commit> RPC responses in RFC-compliant NETCONF sessions (ACX Series, PTX Series, and QFX Series)—When you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level, the NETCONF server's response for <commit> operations includes the following changes:

    • If a successful <commit> operation returns a response with one or more warnings, the warnings are redirected to the system log file, in addition to being omitted from the response.
    • The NETCONF server response emits the <source-daemon> element as a child of the <error-info> element instead of the <rpc-error> element.
    • If you also configure the flatten-commit-results statement at the [edit system services netconf] hierarchy level, the NETCONF server suppresses any <commit-results> XML subtree in the response and only emits an <ok/> or <rpc-error> element.

    [See Configuring RFC-Compliant NETCONF Sessions.]

  • Changes to how command-line arguments are passed to Python action scripts (ACX Series, PTX Series, and QFX Series)—When a custom YANG RPC invokes a Python action script and passes command-line arguments to the script, the device prefixes a hyphen (-) to single-character argument names, and it prefixes two hyphens (--) to multi-character argument names. The prefix enables you to use standard command-line parsing libraries to handle the arguments. In earlier releases, the device passes the unmodified argument names to the script.

    [See Creating Action Scripts for YANG RPCs on Devices Running Junos OS and Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG Modules.]

Services Applications

  • Changes to inline active flow monitoring (PTX Series)—When you use inline active flow monitoring, no flows are maintained. Every sampled packet is considered to be a flow. When the sampled packet is received, the flow is created and immediately timed out as inactive, and the software exports a record to the collector. Therefore, the number of records sent to the collector is higher than before. The IPFIX and version 9 Options Template Data Record now contains 0 in the Flow Active Timeout (IE 36) and Flow Inactive Timeout (IE 37) fields. Therefore, the Options Template Data Record is not compliant with IPFIX RFC 7011. We do not recommend that you configure the nexthop-learning statement at the [edit services flow-monitoring version version template template-name] hierarchy level, as it reduces the number of packets that can be processed. The show services accounting flow inline-jflow fpc-slot slot operational mode command now displays 0 for all of the Active Flows and Timed Out fields. The various Total Flows fields are now equal to their respective Flow Packets fields. The various Flows Inactive Timed Out fields are now equal to their respective Flow Packets fields.

    [See Understanding Inline Active Flow Monitoring.]