Routing Protocols
-
DCSPF support for SR-TE with Flex Algo (MX5, MX10, MX40, MX80, MX104, MX150, MX204, MX240, MX304, MX480, MX960, MX2008, MX2010, MX2020, MX10003, MX10004, MX10008, MX10016, vMX, PTX1000, PTX3000, and PTX5000)—Starting in Junos OS Release 22.2R1, we support the flexible algorithm (Flex Algo) as a constraint in the compute profile of a segment routing–traffic engineering (SR-TE) LSP. The computation combines any constraints in the compute profile with the ones in the Flex Algo definition to find the resultant path. It uses the Flex Algo segment identifiers (SIDs) in the configuration to compress the resultant path.
We support the feature only for IPv4 SR-MPLS SIDs. You can use SR-TE policy constraints to further fine-tune Flex Algo constraints.
-
TCP-AO for RPKI validation sessions (MX204, MX240, MX480, MX960, MX10003, MX10008, MX10016, MX2008, MX2010, MX2020, PTX1000, PTX10002, PTX10008, PTX10016, and vRR) )—Starting in Junos OS Release 22.2R1, you can use TCP Authentication Option (TCP-AO) to authenticate resource public key infrastructure (RPKI) validation sessions for securing the Internet's routing infrastructure, such as BGP. Using RPKI, legitimate holders of Internet number resources can control the operation of Internet routing protocols to prevent route hijacking and other attacks.
To enable a TCP-AO chain to authenticate an RPKI validation session, use
authentication-algorithm
ao
and the configuredauthentication-key-chain
keychain at the [edit routing-options validation group group_name session address
and [edit routing-options validation group group_name
hierarchy levels. -
Nonstop active routing (NSR) support with BGP RIP sharding and BGP UpdateIO features (ACX5048, ACX5096, ACX5448, MX240, MX960, MX2008, MX10016, and PTX5000)—Starting in Junos OS Release 22.2R1, we've enabled nonstop routing (NSR) for BGP RIP sharding and BGP UpdateIO features. With NSR enabled, the backup Routing Engine and backup routing protocol process (rpd) become the primary Routing Engine without negatively affecting the BGP peering sessions with the neighbors if the primary Routing Engine fails. The backup rpd processes the replicated BGP control-plane information and populates the route state in the same multithreaded manner as in the primary rpd.
After you configure NSR, the
show bgp neighbor
andshow bgp summary
commands display the information about the specific shards in the backup Routing Engine. To display the replicated information for a specific shard in theshow bgp replication
command, use therib-sharding shard-name
option.See [show bgp neighbor, show bgp summary, show bgp replication, and BGP Overview.]
- Layer 3 VPN service interworking between SRv6 and
MPLS (MX10008)—Junos OS Release 22.2R1 supports the Layer 3 VPN service between
segment routing over IPv6 (SRv6) and MPLS. The incremental deployment of SRv6 into existing
networks requires SRv6 to interwork and coexist with MPLS (RSVP).
See [ How to Enable SRv6 Network Programming and Layer 3 VPN Services over SRv6 in BGP Networks.]
- SRv6 support for multi-instance IS-IS
(MX10008)—Starting in Junos OS Release 22.2R1, we support SRv6 across multi-instance
IS-IS. Using this feature, you can run SRv6 on multiple independent IS-IS instances
simultaneously in the same router. These multiple instances will act same as the default
standard IS-IS instance. The following SID functionality is supported in default or standard
IS-IS instance. The performance of enabling SRv6 on multi-instance IS-IS is similar to the
one with the SRv6-enabled standard IS-IS IGP instance.
See [How to Configure Multiple Independent IGP Instances of IS-IS,isis-instance.]
- Support for link delay measurement using TWAMP
light and advertising in ISIS (MX240, MX480, MX960, MX2010, MX2020, and
MX10008)—Starting in Junos OS Release 22.2R1, you can measure link delay using TWAMP
light and advertise various performance metrics in IP networks using IS-IS. You can use the
IS-IS metrics to make path-selection decisions based on network performance.
[See How to Enable Link Delay Measurement and Advertising in IS-IS.]
- Support for BGP flow specification (ACX5448,
ACX5448-M, and ACX5448-D)—Starting in Junos OS Release 22.2R1, ACX5448 routers support
BGP flow specification (BGP flowspec) filters based on the match conditions and actions. BGP
flow specification filters support ingress IPv4 and IPv6 addresses. BGP flow specification
filters internally creates implicit forwarding table filters or FTFs to mitigate DDoS
attacks quickly. The BGP flow specification filters created in hardware have more precedence
compared to the interface family
inet
andinet6
filters (IFF and FTFs).[See Forwarding Traffic Using BGP Flow Specification DSCP Action.]
-
BGP extended route retention (MX960, PTX1000, and QFX10002)—In Junos OS Release 22.2R1, we've enhanced the long-lived graceful restart (LLGR) capabilities for a BGP helper device. With this feature enabled, Junos OS supports LLGR helper mode regardless of the BGP peer LLGR capabilities. We've introduced a new configuration statement
extended-route-retention
at the[edit protocols bgp group neighbor graceful-restart long-lived]
hierarchy level. We've also updated the outputs of the following operational commands:show bgp neighbor
show route extensive
-
Anomaly checker for rpd object reference count (MX Series, PTX Series, and QFX Series)—In Junos OS Release 22.2R1, we introduce a generic reference count infrastructure that all the modules in rpd can use. The module maintains lock and unlock statistics corresponding to each object type in use. Any application can call the refcount increment or decrement API when an object is referred. The module also provides a mechanism to detect anomalies such as a leak or overflow in an object’s refcount.
-
Origin validation communities conversion to keywords (MX10008 and PTX10016)— Starting in Junos OS Release 22.2R1, you can choose to accept or reject the origin validation extended communities received from an eBGP peer. The default behavior of Origin Validation State Extended Community (OVS EC) changes to rejected if the extended community is received from an eBGP peer. You can configure your device to accept the community when needed. We also support the configuration of distinguished communities with keywords (
valid
,invalid
, andunknown
) at all the three layers of the BGP configuration hierarchy—global, group, and per-neighbor. If you enable the OVS EC at a hierarchy level, it’s enabled for the lower levels as well. However, you can choose to disable it explicitly at a lower layer if required at any instance. -
BGP LU Prefix SID redistribution between IGP domains (MX480, MX960, PTX1000, and PTX10008)— Starting in Junos OS Release 22.2R1, we support BGP LU prefix-sid redistribution between IGP domains, and installing mpls.0 stitch route to BGP-LU next-hop.
To set prefix segment attributes, use
set prefix-segment
statement at the [edit policy-options policy-statement <policy-name> term <tern-name> from
] hierarchy level.You can now enable prefix-sid redistribution between BGP and ISIS via policy configuration without specifying index under prefix-segment. To do this, use
set prefix-segment redristribute
option at the [edit policy-options policy-statement <policy-name> term <term-name> then
] hierarchy level.[See prefix-segment.]