What’s Changed in Release 22.1R1

Change in in unnumbered-address support for GRE tunnel—Starting in Junos OS Release 24.4R1, there is a behavioural change in unnumbered-address support for GRE tunnel with IPV6 family and display donor interface for both IPV4 and IPV6 families of GRE tunnel. You can view interface donor details under show interfaces hierarchy level.

See [ show interfaces.]

No support for PKI operational mode commands on the Junos Limited version (MX Series routers, PTX Series routers, and SRX Series devices)—We do not support request , show , and clear PKI-related operational commands on the limited encryption Junos image ("Junos Limited"). If you try to execute PKI operational commands on a limited encryption Junos image, then an appropriate error message is displayed. The pkid process does not run on Junos Limited version image. Hence, the limited version does not support any PKI-related operation.

The request vmhost jdm login option visible to non-root users in in-chassis Junos node slicing (MX2010, MX2020, MX480, MX960, MX2008)—The login option under the request vmhost jdm CLI is visible to non-root users. This option was earlier visible only to users with the root privileges. Though this option is now visible to all users, only root users can log in to JDM. If a non-root user attempts to log in, the software displays the following warning message: warning: Login as ?root? to use this functionality.

See [ request vmhost jdm login (In-Chassis Model).]

The <request-system-zeroize> RPC response indicates when the device successfully initiates the requested operation (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—When the <request-system-zeroize> RPC successfully initiates the zeroize operation, the device emits the <system-zeroize-status>zeroizing re0</system-zeroize-status> response tag to indicate that the process has started. If the device fails to initiate the zeroize operation, the device does not emit the <system-zeroize-status> response tag.

Display the donor details of the IPv6 borrower interface? The output for the show interfaces command now displays the donor details of the IPv6 borrower interface.

[See show interfaces .]

New output fields for subscriber management statistics (MX Series)—If you enable the enhanced subscriber management, the non-DHCPv4 bootstrap protocol (BOOTP) requests might not get processed even if you configure the DHCP relay or server with the overrides bootp-support statement at the edit forwarding-options dhcp-relay hierarchy level. To monitor the DHCP transmit and receive packet counters, we've introduced the following output fields for show system subscriber-management statistics dhcp extensive operational command. - BOOTP boot request packets received - BOOTP boot reply packets received - BOOTP boot request packets transmitted - BOOTP boot reply packets transmitted

[See show system subscriber-management statistics.]

Starting with Junos OS 16.1 the MPLS EXP bits transmitted in self ping messages are set based on the DSCP/ToS setting of the corresponding IP packet.

When defining a constrained path LSP using more than one strict hop belonging to the egress node, the first strict hop must be set to match the IP address assigned to the egress node on the interface that receives the RSVP Path message. If the incoming RSVP Path message arrives on an interface with a different IP address the LSP is rejected.

Disable sending of RSVP hellos over a bypass LSP (MX Series)—Junos routers send RSVP hello packets over a bypass LSP (when one is present), instead of the IGP next hop. To return to the original behavior specify the no-node-hello-on-bypass option.

See [ no-node-hello-on-bypass.]

NAT rule configuration command (SRX Series and MX Series)—Starting in Junos OS Release 22.1R1, on Source NAT, Destination NAT, and Static NAT, the rule-set command configuration fails if you use the IP address with incorrect prefix. To commit the configuration, use the valid IP address prefix.

[See rule-set (Security Source NAT), rule-set (Security Destination NAT), and rule-set (Security Static NAT).]

Junos XML protocol Perl modules deprecated (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—We no longer provide the Junos XML protocol Perl client for download. To use Perl to manage Junos devices, use the NETCONF Perl library instead.

[See Understanding the NETCONF Perl Client and Sample Scripts.]

Support for automatically synchronizing an ephemeral instance configuration upon committing the instance (EX Series, MX Series, MX Series Virtual Chassis, PTX Series, QFX Series, and vMX)—You can configure an ephemeral database instance to synchronize its configuration to the other Routing Engine every time you commit the ephemeral instance on a dual Routing Engine device or an MX Series Virtual Chassis. To automatically synchronize the instance when you commit it, include the synchronize statement at the [edit system commit] hierarchy level in the ephemeral instance's configuration.

[See Commit and Synchronize Ephemeral Configuration Data Using the NETCONF or Junos XML Protocol.]

To achieve consistency among resource paths, the resource path /mpls/signalling-protocols/segment-routing/aggregate-sid-counters/aggregate-sid-counter ip-addr='address'/state/counters name='name'/out-pkts/ is changed to /mpls/signaling-protocols/segment-routing/aggregate-sid-counters/aggregate-sid-counter ip-addr='address'/state/counters name='name'/. The leaf "out-pkts" is removed from the end of the path, and "signalling" is changed to "signaling" (with one "l").

The RPD_OSPF_LDP_SYNC message not logged?On all Junos OS and Junos OS Evolved devices, when an LDP session goes down there is a loss of synchronization between LDP and OSPF. After the loss of synchronization, when an interface has been in the holddown state for more than three minutes, the system log message with a warning level is sent. This message appears in both the messages file and the trace file. However, the system log message does not get logged if you explicitly configure the hold-time for ldp-synchronization at the edit protocols ospf area area id interface interface name hierarchy level less than three minutes. The message is printed after three minutes.

To achieve consistency among resource paths, the resource path /mpls/signalling-protocols/segment-routing/aggregate-sid-counters/aggregate-sid-counterip-addr='address'/state/countersname='name'/out-pkts/ is changed to /mpls/signaling-protocols/segment-routing/aggregate-sid-counters/aggregate-sid-counterip-addr='address'/state/countersname='name'/. The leaf "out-pkts" is removed from the end of the path, and "signalling" is changed to "signaling" (with one "l").

When the krt-nexthop-ack statement is configured, the RPD will wait for the next hop to get acknowledged by PFE before using it for a route. Currently, only BGP-labeled routes and RSVP routes support this statement. All other routes will ignore this statement.

Load JSON configuration data with unordered list entries (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—The Junos schema requires that list keys precede any other siblings within a list entry and appear in the order specified by the schema. Junos devices provide two options to load JSON configuration data that contains unordered list entries:

• Use the request system convert-json-configuration operational mode command to produce JSON configuration data with ordered list entries before loading the data on the device.

• Configure the reorder-list-keys statement at the [edit system configuration input format json] hierarchy level. After you configure the statement, you can load JSON configuration data with unordered list entries, and the device reorders the list keys as required by the Junos schema during the load operation.

When you configure the reorder-list-keys statement, the load operation can take significantly longer to parse the configuration, depending on the size of the configuration and number of lists. Therefore, for large configurations or configurations with many lists, we recommend using the request system convert-json-configuration command instead of the reorder-list-keys statement.

[See json and request system convert-json-configuration.]

Junos XML protocol Perl modules deprecated (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—We no longer provide the Junos XML protocol Perl client for download. To use Perl to manage Junos devices, use the NETCONF Perl library instead.

See [ Understanding the NETCONF Perl Client and Sample Scripts.]

When you configure max-cli-sessions at the edit system hierarchy level, it restricts the maximum number of cli sessions that can coexist at any time. Once the max-cli-sessions number is reached, new CLI access is denied. The users who are configured to get the CLI upon login, are also denied new login. Themax-cli-sessionsis configured so you can control the memory usage for the CLI. You may set the max-cli-sessions per your requirement. However, ifmax-cli-sessionsis not configured, there is no control on the number of CLIs getting invoked.

Changes to show mvpn c-multicast and show mvpn instance outputs— The FwdNh output field displays the multicast tunnel (mt) interface in the case of Protocol Independent Multicast (PIM) tunnels.

See [ show mvpn c-multicast.]