What’s Changed
Learn about what changed in this release for PTX Series.
Authentication and Access Control
-
SHA-1 password format deprecated (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX and vSRX)—We've removed the
sha1
option at the[edit system login password format]
hierarchy level because SHA-1 is no longer supported for plain-text password encryption.
General Routing
-
OpenConfig container names for Point-to-Multipoint per interface ingress and egress sensors are modified for consistency from "signalling" to "signaling".
Junos XML API and Scripting
-
Refreshing scripts from an HTTPS server requires a certificate (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)–When you refresh a local commit, event, op, SNMP, or Juniper Extension Toolkit (JET) script from an HTTPS server, you must specify the certificate (Root CA or self-signed) that the device uses to validate the server's certificate, thus ensuring that the server is operational mode command, include the
cert-file
option and authentic. In earlier releases, when you refresh scripts from an HTTPS server, the device does not perform certificate validation. When you refresh a script using therequest system scripts refresh-from
specify the certificate path. Before you refresh a script using theset refresh
orset refresh-from
configuration mode command, first configure thecert-file
statement under the hierarchy level where you configure the script. The certificate must be in Privacy-Enhanced Mail (PEM) format.See request system scripts refresh-from.
See cert-file.
Network Management and Monitoring
-
Support for automatically synchronizing an ephemeral instance configuration upon committing the instance (EX Series, MX Series, MX Series Virtual Chassis, PTX Series, QFX Series, and vMX)—You can configure an ephemeral database instance to synchronize its configuration to the other Routing Engine every time you commit the ephemeral instance on a dual Routing Engine device or an MX Series Virtual Chassis. To automatically synchronize the instance when you commit it, include the
synchronize
statement at the[edit system commit]
hierarchy level in the ephemeral instance's configuration.See Commit and Synchronize Ephemeral Configuration Data Using the NETCONF or Junos XML Protocol.
-
Changes to the NETCONF
[edit-config]
RPC response (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—When the[edit-config]
operation returns an error, the NETCONF server does not emit aload-error-count
element in the RPC response. In earlier releases, the[edit-config]
RPC response includes theload-error-count
element when the operation fails.
Routing Protocols
-
SSH TCP forwarding disabled by default—We've disabled the SSH TCP forwarding feature by default to enhance security. To enable the SSH TCP forwarding feature, you can configure the
allow-tcp-forwarding
statement at theedit system services ssh
hierarchy level.In addition, we?ve deprecated the
tcp-forwarding
andno-tcp-forwarding
statements at theedit system services ssh
hierarchy level.[See services (System Services).]