What's Changed in Release 22.3R1
General Routing
-
CPU utilization greater than 100% (ACX Series) —On ACX Series routers running Junos OS Evolved, the
show system processes
command might report CPU utilization spikes greater than 100%. This kind of CPU utilization is normal behavior, and no user action is required. The CPU utilization spikes represent the sum of individual processor threads and not of the entire system CPU capacity.[See show system processes.]
-
OpenConfig container names for Point-to-Multipoint per interface ingress and egress sensors are modified for consistency from "signalling" to "signaling."
-
Support for PKI daemon (ACX7024)— We've introduced support for public key infrastructure (PKI) daemon on ACX7024 routers. The PKI daemon provides support to create two kinds of digital certificates on the device: a local certificate and a CA certificate. Using the local certificate, any remote resource can verify the device's identity. Using the CA certificate, the device can verify the identity of a remote resource by verifying the remote resource's digital certificate. A secure channel between the device and the remote resource is created only after this mutual verification. You can use the PKI configuration and operation commands to perform PKI operations on ACX7024 routers.
-
sFlow configuration? sFlow configuration is allowed only on et, xe, and ge interfaces in EVO-based platforms. All other interfaces are blocked for configuring sFlow on EVO platforms. A cli error will be thrown if sFlow is configured on any other interface other than et, xe or ge interface.
-
Enhanced SSH hostkey algorithm configuration—We've introduced the
hostkey-algorithm-list
statement at the [edit system services ssh
] hierarchy level. This enhancement enables you to configure only the specified SSH hostkey algorithms. The system disables the remaining unspecified hostkey algorithms. In earlier releases, you need to disable the hostkey algorithms explicitly. All the hostkey algorithms at this hierarchy are enabled by default. The DSS algorithm is no longer available at this new hierarchy level.In addition, we've deprecated the
hostkey-algorithm
statement at the [edit system services ssh
] hierarchy level.[See hostkey-algorithm.]
-
Instance type change is not permitted from default to L3VRF in open configuration (ACX Series and QFX Series)—DEFAULT_INSTANCE is the primary instance that runs when there is no specific instance type configured in the route
set routing-options?
. Any instance you explicitly configure is translated intoset routing-instance r1 routing-options?
. The issue appears in translation, when you change instance type DEFAULT_INSTANCE (any instance to DEFAULT_INSTANCE) to L3VRF or L3VRF to DEFAULT_INSTANCE. As a result, such changes are not permitted. Additionally, DEFAULT_INSTANCE can only be named DEFAULT, and DEFAULT is reserved for DEFAULT_INSTANCE, therefore allowing no such changes. -
Prior to this change when route sharding is configured the output of CLI
show route
commands included information about sharding. After the change the use must add the rib-sharding all argument to CLIshow route
commands to display sharding information. -
Support for configuring multi-chassis protection at the global level (ACX7509)—We've enabled the multi-chassis-protection statement at the edit multi-chassis global hierarchy level for ACX7509 devices. In earlier releases, multi-chassis-protection could only be enabled at the interface level.
-
The traffic rate could display incorrect values in the
show services inline ip-reassembly statistics fpc x pfe-slot y
output.
Juniper Extension Toolkit (JET)
-
Python 3 is the default and only Python version for executing Juniper Extension Toolkit Python scripts (ACX Series, PTX Series, and QFX Series)—Junos OS Evolved supports only Python 3 for executing Juniper Extension Toolkit (JET) scripts written in Python. Python 2.7 is no longer supported for executing JET scripts, and we've deprecated the
language python
statement at the[edit system scripts]
hierarchy level.[See Understanding Python Automation Scripts for Junos Devices.]
Junos XML API and Scripting
-
Deprecated functions in the
libpyvrf
Python module (ACX Series, PTX Series, and QFX Series)—Thelibpyvrf
Python module no longer supports theget_task_vrf()
andset_task_vrf()
functions.[See How to Specify the Routing Instance in Python 3 Applications on Devices Running Junos OS Evolved.]
-
Python 3 is the default and only Python version for executing commit, event, op, and SNMP Python scripts (ACX Series, PTX Series, and QFX Series)—Junos OS Evolved supports only Python 3 for executing commit, event, op, and SNMP scripts written in Python. Python 2.7 is no longer supported for executing these types of scripts, and we've deprecated the
language python
statement at the[edit system scripts]
hierarchy level.[See Understanding Python Automation Scripts for Junos Devices.]
MPLS
-
Starting with Junos OS and Junos Evolved release 21.4R3, a CSPF LSP uses a new instance ID when attempting to re-signal a down LSP.
Network Management and Monitoring
-
Python 3 is the default and only Python version for executing YANG action and translation Python scripts (ACX Series, PTX Series, and QFX Series)—Junos OS Evolved supports only Python 3 for executing YANG action and translation scripts written in Python. Python 2.7 is no longer supported for executing YANG action and translation scripts, and we've deprecated the
language python
statement at the[edit system scripts]
hierarchy level.[See Understanding Python Automation Scripts for Junos Devices.]
Platform and Infrastructure
-
Enhanced bandwidth and burst policer value—We've updated the default bandwidth value from 20000 to 100 pps and burst policer value from 20000 to 100 packets.
System Management
-
Command to automate SSH key-based authentication (ACX Series, PTX Series, and QFX Series)—You can set up SSH-key based authentication between the network device and a remote host by issuing the
request security ssh password-less-authentication
operational mode command. When you execute the command with the appropriate options, the device generates SSH keys for the current user, provided the user does not already have existing keys, and transfers the user's public key to the authorized_keys file of the specified user on the remote host.
User Interface and Configuration
-
Support for temperature sensor (PTX10001-36MR)—We support the temperature sensor statement at the edit chassis cb hierarchy level. You can use the temperature sensor statement to increase the fan speed and customize the temperature threshold. We recommend certain values for ZR and ZR-M modules to work which helps the temperature to remain within the thresholds.
[See temperature-sensor.]