Network Management and Monitoring
-
CFM CCM support on PS interfaces (MPC7E, MPC8E, MPC9E, MPC10E, and MPC11E line cards)—Starting in Junos OS Release 21.2R1, we support connectivity fault management (CFM) continuity check messages (CCM) on PS interface part of EVPN. You can configure:
- CCM for down maintenance association end points (MEPs), that are down, on the PS interface to monitor the Ethernet networks for connectivity faults.
- Remote defect indication (RDI) for the CCM frame.
- Action profile with action link down for the remote MEP to bring down the PS interface when connectivity is lost.
- Ethernet link trace (ETH-LT) and loopback (ETH-LB) are supported on the CFM session.
-
OAM ping support for segment routing with IPv6 (SRv6) network programming (MX Series)—Starting in Junos OS Release 21.2R1, you can perform the Operation, Administration, and Maintenance (OAM) ping operation for any SRv6 segment identifier (SID) whose behavior allows upper layer header processing for an applicable OAM payload.
Because segment routing with IPv6 data plane (SRv6) adds only the new type-4 routing extension header, you can use the existing ICMPv6-based ping mechanisms for an SRv6 network to provide OAM support for SRv6. Ping with O-Flag (segment header) is not supported.
[See ITU-T Y.1731 Ethernet Service OAM Overview and How to Enable SRv6 Network Programming in IS-IS Networks.]
-
Support for syslog over TLS (EX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos OS Release 21.2R1, you can transport syslog (control plane) over Transport Layer Security (TLS) protocol. Encapsulating syslog over TLS allows you to:
-
Validate the remote destination (syslog server) before transmitting any sensitive syslog information. (Authentication)
-
Encrypt the syslog during the transport. (Encryption)
-
Verify that the data has not been modified or tampered with (Integrity)
Before you enable this feature, ensure you:
-
Configure public key infrastructure (PKI) in Junos
-
Configure and load the digital certificates
-
Configure the remote destination (syslog server) that supports syslog over TLS
To enable transport of syslog (control plane) over TLS, use the
tls
statement at the [edit system syslog host host-name transport
] hierarchy level. -
-
Syslog support to replay events (MX Series)—Starting in Junos OS Release 21.2R1, you can replay syslog events over gRPC. Configure the
last minute
statementat the[edit system syslog grpc-replay]
hierarchy level to replay events. You can also filter events based on facility and priority. Use thefacility
statement to filter events according to facility, and use thepriority
statement to filter events according to the priority at the[edit system syslog grpc-replay]
hierarchy level. You can use thefacility
and thepriority
options to filter replay or live events.[See grpc-replay.]