Hardware
-
New ACX7024 router (ACX Series)—Starting in Junos OS Evolved Release 22.3R1, we introduce the Juniper Networks ACX7024 Cloud Metro Router, a high-performance access router that meets the growing demands of metro applications. With a compact 1-U form factor, temperature-hardened design, and advanced timing features, the ACX7024 supports Ethernet business services, residential access, and 5G mobile deployments. The ACX7024 also supports the latest protocol and traffic engineering technologies and offers a tamper-proof design that ensures strong security capabilities.
The ACX7024 router provides a switching capacity of 360 Gbps and the following port configurations:
-
Four 100-Gigabit Ethernet (GbE) ports (ports 0 through 3) that support quad small form-factor pluggable 28 (QSFP28) transceivers. You can channelize these ports into four 25-Gbps interfaces using breakout cables (and channelization configuration). These ports also support 40-Gbps speed when you use QSFP+ optics. You can channelize these 40-Gbps ports into four 10-Gbps interfaces using breakout cables (and channelization configuration).
-
Twenty-four 25-GbE ports (ports 4 through 27) that operate at 25-Gbps speed with SFP28 transceivers, 10-Gbps speed with SFP+ transceivers, or 1-Gbps speed with SFP transceivers.
You can order the routers with front-to-back airflow (airflow out or AFO) and with AC or DC power supply modules (PSMs).
Table 1: Features Supported on the ACX7024 Router Feature
Description
Chassis -
Support for environmental monitoring and field-replaceable unit (FRU) management. [See show chassis hardware.]
-
Support for Single power supply module (PSM) and PSM Redundancy—The ACX7024 router supports dual PSM (1+1 redundancy) mode by default, and also single PSM mode.
Use the
set chassis pem minimum <number>
command to configure single PSM and set it to 1.
Class of Service -
Support for classification and rewrite rules of all types (Inet-Prec, DSCP, DSCPv6, IEEE-802.1p, IEEE-802.1ad) at the logical interface level. [See Classifiers and Rewrite Rules at the Global, Physical, and Logical Interface Levels Overview.]
-
Logical interfaces support classification and rewrite rules for MPLS, VPLS, L3VPN, L2CKT, CCC, IRB, and EVPN. [See Classifiers and Rewrite Rules at the Global, Physical, and Logical Interface Levels Overview.]
-
The ACX7024 supports deep buffering of oversubscribed traffic and absorbs network bursts, as follows:
-
The router buffers packets using on-chip SRAM and external high-bandwidth memory (HBM).
-
On-chip buffer (OCB) size is 8MB and HMB size is 2GB.
- The default delay buffer size per port is 100 us.
-
The router absorbs bursts up to 20 ms of buffer per port.
This feature is enabled by default.
[See Shared and Dedicated Buffer Memory Pools on ACX Series Routers.]
-
DHCP
-
DHCP server and DHCP relay configuration for IPv4 and IPv6 services.
[See DHCP Overview.]
Ethernet Protocols
-
Support for Ethernet ring protection switching (ERPS) with G.8032 version 2.
[See Understanding Ethernet Ring Protection Switching Functionality.]
-
Support for Layer 2 Protocol Tunneling (L2PT)—You can use L2PT to send L2 protocol data units (PDUs) across the network and deliver them to devices that are not part of the local broadcast domain.
You can configure L2PT using the
protocol <protocol name>
configuration statement at the [edit protocols layer2-control mac-rewrite interface <interface name>
] hierarchy level and destination MAC address using thetunnel-destination-mac <mac address>
configuration statement at the [edit protocols layer2-control mac-rewrite
] hierarchy level. -
Support for Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP), and VLAN Spanning Tree Protocol (VSTP).
EVPN
-
Support for EVPN-MPLS—ACX7024 router supports the following EVPN-MPLS features on MAC-VRF instances:
-
L2 flooding for broadcast, unknown unicast, and multicast (BUM) traffic
-
Split-horizon between core interfaces
-
Data plane and control plane MAC learning and aging, and static MAC
-
MAC movement and MAC mobility on control plane only
-
MAC limiting and MAC learning
-
Input and output VLAN maps using normalization on user-to-network interfaces (UNIs)
-
Aggregated Ethernet interfaces used for UNIs and network node interfaces (NNIs)
-
Physical interfaces for VLAN tagging, stacked VLAN tagging, flexible VLAN tagging, and extended VLAN bridges using EVPN-MPLS as a service
-
Ethernet bridge mode for logical UNIs
-
VLAN ID lists, native VLAN ID supported logical UNIs, and priority-tagged logical interfaces
-
Underlay with ECMP and Fast reroute (FRR)
-
Control-word support for EVPN
-
EVPN Proxy Address Resolution Protocol (ARP) and ARP suppression
[See EVPN Feature Guide.]
-
-
Virtual private wire service (VPWS) with EVPN signaling mechanisms and flexible cross-connect support.
Firewall Filters
-
Support for firewall filters and policers—ACX7024 router supports configuring firewall filters with packet match conditions for the following families: bridge domain, IPv4, IPv6, CCC, and MPLS. In addition to packet match conditions, the following actions are supported: count, discard, log, syslog, and policer.
[See Standard Firewall Filter Match Conditions and Actions on ACX Series Routers Overview.]
-
Firewall filter protocols: MPLS, CCC, virtual private LAN service (VPLS), and ANY.
[See Firewall Filters Overview.]
High Availability
-
Support for the following Bidirectional Forwarding Detection (BFD) features:
-
BFD for IPv4 and IPv6 routes
-
Single-hop BFD in inline mode with an interval range of 4 milliseconds to 1 second
-
Single-hop BFD in distributed mode with an interval of 1 second or more
-
Single-hop BFD in centralized mode with a minimum interval of 1 second to detect IRB failures
-
Multihop BFD with an interval of 1 second or more
-
Micro-BFD for LAG in centralized or distributed mode with an interval of 1 second or more
-
-
You can configure BFD over label-switched paths (LSPs) or RSVP-based LSPs in a centralized mode. [See Bidirectional Forwarding Detection (BFD) for MPLS.]
-
VRRP for IPv4 and IPv6. [See VRRP and VRRP for IPv6 Overview.]
Interfaces
-
Support for 1RU Metro Ethernet device —The ACX7024 router is a high-density 1RU Metro Ethernet device with 28 ports. You can configure the first four ports as 40-Gigabit or 100-Gigabit Ethernet interfaces. The first four ports also support channelization. Ports 0-3 also supports 10-Gigabit and 25-Gigabit Ethernet interfaces using channelization. You can configure the remaining 24 ports as 1-Gigabit, 10-Gigabit, or 25-Gigabit Ethernet interfaces.
By default, the ports are 10-Gigabit and 100-Gigabit Ethernet interfaces.
Note:If you enable PTP mode, the system deletes port et-0/0/27.
To configure the port speed of the line card, use the statement at the [
set interfaces <intf name> speed <speed>
] hierarchy. Assign the speed value as <1G | 10G | 25G | 40G | 100G >.To disable the port, use the
set interfaces <intf name> unused
command.[See Port Speed.]
Layer 2 features
-
Support for the following advanced L2 features:
-
Bridge domain without a
vlan-id
number statement -
Bridge domain with the
vlan-id
value set to None -
Bridge domain with a single VLAN ID
-
Single-learning domain
-
MAC limiting
-
Ethernet service types:
-
E-Line with these AC interface types: port, VLAN, Q-in-Q, VLAN list, and VLAN maps
-
E-line
-
E-LAN
-
E-Access
-
E-Transit
-
-
LLDP
-
LACP
-
IRB interface
-
Link aggregation group (LAG) support with the following hashing algorithms:
-
For family
multiservice
, destination and source MAC addresses -
For family
inet
, Layer 3 and Layer 4 -
For family
inet6
, Layer 3 destination and source addresses -
For family
inet6
, Layer 4 destination and source ports
-
-
Encapsulation types:
-
extended-vlan-bridge
-
vlan-bridge
-
-
Q-in-Q tunneling
[See Understanding Layer 2 Bridge Domains and Q-in-Q Tunneling.]
-
-
Disable local switching in bridge domains.
[See Configuring MAC Address Flooding and Learning for VPLS.]
-
Storm control
[See Understanding Storm Control.]
Layer 2 VPN
-
Support for VPLS—The ACX7024 routers support a single VLAN for each virtual switch routing instance type. Junos OS Evolved does not support the family vpls option. To configure VPLS on the ACX7024 routers, configure the instance-type virtual switch statement at the [edit routing-instances routing instance ] hierarchy level.
-
Layer 2 VPN and L2 circuit support:
-
L2 circuit—Targeted LDP signaling pseudowires and interoperability between different types of supported attachment circuit (AC) for L2 circuit
-
L2 VPN circuit—BGP signaling
-
-
MPLS fast reroute (FRR) on IGP, circuit attachment types (port, VLAN, and Q-in-Q tunneling), control word, pseudowire circuit on aggregated Ethernet interfaces, indirect next hops and composite next hops, pipe and uniform mode time-to-live (TTL), Tag Protocol Identifiers (TPIDs), and VLAN map on pop, push, or swap
[See Understanding Layer 2 VPNs and Understanding Layer 2 VPNs and Configuring Interfaces for Layer 2 Circuits.]
Layer 3 features
-
Support for the following Layer 3 features:
-
Longest prefix match
-
Exception packets handling
-
VLAN tagging modes
-
Neighbor solicitation
-
Unicast RPF
-
Interface-based routing
-
Integrated routing and bridging (IRB)
The ACX7024 router also supports interior gateway protocols such as OSPF, IS-IS, RIP, and ECMP. [See Configure ICMP Features, Enabling VLAN Tagging, Neighbor solicitation, Understanding Unicast RPF (Routers), OSPF Overview, IS-IS Overview, and RIP User Guide.]
-
-
Support for BGP for IPv4 and IPv6. [See BGP Overview.]
Layer 3 VPN
-
Support for the following Layer 3 (L3) VPN features:
-
IP-VPN services:
-
Virtual routing and forwarding (VRF) and virtual-router instance type
-
All control plane configuration options
-
Per-prefix and per-table label signaling
-
L3 VPN support with ECMP
-
BGP policies support for different L3 VPN use cases such as full mesh VPN, hub-spoke VPN, management VPN, and leaking routes
-
L3 VPN with
vrf-table-label
mode -
L3 VPN with
chained-composite-next-hop
mode -
L3 VPN ping using
ping mpls l3vpn prefix prefix-name l3vpn
name commandNote:The ping command works only with the
vrf-table-label
configuration.
-
-
6PE and 6VPE with PE-CE routing-static and PE-to-CE BGPv6
-
Import and export of routes across non-default to non-default virtual routing and forwarding (VRF)
Note:Table next hop is not supported.
-
Inter-autonomous system (Inter-AS) options A, B, and C
Note:You can deploy inter-AS option B in a hierarchical network design within a single interior gateway protocol (IGP) autonomous system.
-
Provider edge-to-customer edge (PE-to-CE) route using static route and routing protocols such as eBGP, IS-IS, OSPF, and RIP
-
Currently, we do not support virtual tunnel (VT) interface-based L3 VPN. [See Layer 3 VPNs User Guide for Routing Devices.]
Management
-
Support for NETCONF, Transport Layer Security (TLS), YANG, and OpenConfig management features.
MPLS
-
Support for the following MPLS features:
-
IP/MPLS infrastructure feature set for the L3 VPN service
-
Basic BGP control plane features such as LDP-DOD, CSPF, and single-area CSPF
-
MPLS label stack
-
MPLS protections:
-
Fast reroute (FRR)/ Make-before-break (MBB)
-
Link protection
-
Node protection
-
-
Label-switching router (LSR)
-
Shared Risk Link Group (SRLG) for MPLS
-
RSVP label-switched path (LSP) over IPv4 include refresh reduction
-
Label Distribution Protocol (LDP) LSP over IPv4
-
RSVP 1:1
-
RSVP-Traffic Engineering (RSVP-TE)
-
LDP over RSVP
-
Inter-autonomous system LSP intra-area LSP
[See MPLS Applications User Guide.]
-
Multicast
-
Support for L2 multicast-related features, includes Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) snooping. You can configure IGMP snooping with IGMPv1, IGMPv2, and IGMPv3, which includes the support for:
-
IGMP snooping in Bridge Domain (BD)
-
IGMP snooping with integrated routing and bridging (IRB) configured in BD
-
MLD snooping in BD
-
MLD snooping with IRB configured in BD
[See IGMP Snooping Overview and Understanding MLD Snooping.]
-
-
Support for IPv4 multicast for L3. You can configure IGMP snooping with IGMPv2 and IGMPv3, which includes support for the following:
-
Auto-rendezvous point (auto-RP)
-
Anycast RP
-
IGMP filter
-
IGMP querier
-
Protocol Independent Multicast source-specific multicast (PIM SSM)
-
PIM sparse mode (PIM SM)
Note:In this Junos OS Evolved release, the ACX7024 doesn't support IPv6 multicast or L3 multicast protocols (such as IGMP, MLD, or PIM) over IPv4 and IPv6 IRB interfaces.
[See IGMP Snooping Overview.]
-
-
Support for multichassis link aggregation groups (MC-LAGs). The following features are available on MC-LAGs:
-
Layer 2 bridging for active-active and active-standby modes
-
Layer 3 unicast
-
Operations, Administration, and Management
-
Support for Operations, Administration, and Management (OAM). You can configure the connectivity fault management (CFM), BFD, ITU-T Y.1731 standard for Ethernet service OAM. You can also configure the following features of link-fault management (LFM):
-
Discovery
-
Link monitoring
-
Remote fault detection
[See ITU-T Y.1731 Ethernet Service OAM Overview and Introduction to OAM Link Fault Management (LFM).]
-
-
Support for IEEE 802.1ag OAM CFM.
-
Support for IEEE Standard 802.3ah and 802.1ag for OAM CFM DOWN and UP maintenance association end points (MEPs) over virtual private LAN service (VPLS)
-
Support for IEEE Standard 802.3ah and 802.1ag for OAM CFM UP maintenance association end points (MEPs) over EVPN
[See IEEE 802.3ah OAM Link-Fault Management Overview and IEEE 802.1ag OAM Connectivity Fault Management Overview.]
Resiliency
Support for platform resiliency to handle failures and faults related to components such as CPU, fan trays, temperature sensors, power supply units, FPGA, and optics. Fault handling includes detecting and logging the error, raising alarms, sending SNMP traps, communicating errors through LEDs, self-healing, and taking components out of service.
[See show system errors active.]
Routing Policy
Unicast reverse path forwarding (unicast RPF) support for IPv4 and IPv6. You can reduce the impact of denial-of-service (DoS) attacks for IPv4 and IPv6 interfaces by configuring unicast RPF. You can use unicast RPF to determine the source of attacks and reject packets from unexpected source addresses on interfaces. However, we do not support unicast RPF checking for:
-
Transit packets exiting a tunnel source interface.
-
Asymmetrical routing.
Segment Routing
Support for segment routing—The following segment routing features are supported:
-
Segment routing global block (SRGB) for OSPF and IS-IS
-
Fast reroute
-
Metro Ethernet services over segment routing infrastructure
Support for segment routing—The following segment routing features are supported:
-
Segment routing services: L3VPN, IPv6 VPN Provider Edge (6VPE) , IPv6 Provider Edge (6PE), Layer 2 (L2) VPN, L2 Circuit, and BGP-VPLS
-
Static segment routing (node segment, prefix segment, adjacency, and anycast segments) for OSPF and IS-IS
-
Topology-independent loop-free alternate (TI-LFA) with segment routing for OSPF and IS-IS
[See Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS, Understanding Source Packet Routing in Networking (SPRING), and Understanding Adjacency Segments, Anycast Segments, and Configurable SRGB in SPRING.]
Services applications -
Support for RFC 5357, Two-Way Active Measurement Protocol (TWAMP) monitoring service. You can configure the TWAMP monitoring service, which sends out probes to measure network performance. You often use TWAMP to check compliance with service-level agreements. In Junos OS Evolved, you configure TWAMP at the [
edit services monitoring twamp
] hierarchy level.The support for this service is limited to the following:
-
IPv4 traffic only for control sessions and test sessions
-
Probe statistics and history
-
Control and test session status
-
Test session probe generation and reception, as well as reflection
-
Timestamps set by the Routing Engine or the Packet Forwarding Engine
-
Error reporting through system log messages only
-
Unauthenticated mode only
-
-
TWAMP IPv6 address support—You can specify IPv6 source and target addresses for TWAMP clients, control connections, and test sessions.
[See Understanding Two-Way Active Measurement Protocol on Routers.]
Software installation and upgrade
-
Support for secure-boot implementation based on the UEFI 2.4 standard.
[See Secure Boot.]
-
Support for either WAN interfaces or management interfaces to automatically download and install the appropriate software and the configuration file on your device during the ZTP bootstrap process.
[See Zero Touch Provisioning.]
Security Services
-
Support for distributed denial of service (DDoS) protection, which is enabled by default.
[See Control Plane Distributed Denial-of-Service (DDoS) Protection Overview.]
System Management
-
Support for an alternate partition for device recovery—An alternate partition called /altconfig is used to recover the device when the /config partition gets corrupted. In certain scenarios, the /config (which holds the last four committed configuration files along with the rescue configuration) gets corrupted during resets or power cycles. The /altconfig partition (which holds the juniper.conf.gz and rescue.conf.gz files) is used by the management daemon (mgd) to recover the device when the /config is corrupted. This is a boot time feature and is enabled by default.
Timing and synchronization
-
Support for enhanced Ethernet equipment clock (eEEC). Enhanced EEC enables new clocks to operate with different quality levels defined in the Synchronous Ethernet chain.
To enable enhanced EEC on your router, configure the
enable-extended-qltlv
statement at the [edit chassis synchronization
] hierarchy level.The ACX7024 supports the following new clock quality levels for enhanced EEC:
-
Enhanced primary reference time clock (ePRTC)
-
Primary reference time clock (PRTC)
-
Enhanced primary reference clock (ePRC
-
Enhanced Ethernet equipment clock (eEEC)
[See enable-extended-ql-tlv, Ethernet Synchronization Message Channel Overview, and synchronization.]
-
-
Support for frequency synchronization using Synchronous Ethernet. [See Synchronous Ethernet Overview.]
-
Support for G.8275.1 telecom profile, Precision Time Protocol (PTP) over Ethernet encapsulation, and hybrid mode. [See Precision Time Protocol Overview and Understanding Hybrid Mode.]
-
Support for Precision Time Protocol (PTP) G.8275.1 enh and G.8275.2 enh profiles with PTP over IPv4 and IPv6 unicast. The G.8275.1 enh profile does not support unicast negotiation.
[See PTP profiles.]
To view the hardware compatibility matrix for optical interfaces, transceivers, and DACs supported on the ACX7024 router, see the Hardware Compatibility Tool.
-