What’s Changed

Flow-label configuration status for EVPN ELAN services—The output for the show evpn instance extensive command now displays the flow-label and flow-label-static operational status for a device and not for the routing instances. A device with flow-label enabled supports flow-aware transport (FAT) flow labels and advertises its support to its neighbors. A device with flow-label-static enabled supports FAT flow labels but does not advertise its capabilities.

OpenConfig container names for Point-to-Multipoint per interface ingress and egress sensors are modified for consistency from "signalling" to "signaling".

Prior to this change when route sharding is configured the output of CLI show route commands included information about sharding. After the change the use must add the "rib-sharding all" argument to CLI show route" commands to display sharding information.

New ARP and NDP packet classification (QFX10002, QFX10008, and QFX10016)—We've introduced two control plane classes for ARP and NDP packets received over VTEP interface. When your device identifies a packet as ARP or NDP, it performs an ingress port check which verifies whether the VTEP interface receives these packets. If VTEP interface receives the packet, datapath re-writes the control plane class to the newly defined values. Based on this new control plane class, the system performs the remaining packet processing and forwards the packets toward the host path. The system adds a separate DDoS policer to this ARP traffic, which ensures that the ARP traffic is not triggering underlay ARP DDoS violation.

In order to monitor vmhost storage usage: ? A new minor alarm, VMHost RE 0 Disk 1 inode usage breached threshold is introduced ? The existing minor alarm, VMHost RE 0 Disk 1 Usage is above threshold is changed to VMHost RE 0 Disk 1 Size usage breached threshold.

Qualification check for "ordered-by-user" — Review to check and confirm if hierarchies qualify for "ordered-by-user" list type. Once show policy-options prefix-list is initiated by the user, the hierarchies appear in the order updated by the user. This enhancement organizes the hierarchies in ascending order.

Instance type change is not permitted from default to L3VRF in open configuration (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)–DEFAULT_INSTANCE is the primary instance that runs when there is no specific instance type configured in the route <codeph>set routing-options?<codeph>. Any instance you explicitly configure is translated into set routing-instance r1 routing-options?. The issue appears in translation, when you change instance type DEFAULT_INSTANCE (any instance to DEFAULT_INSTANCE) to L3VRF or L3VRF to DEFAULT_INSTANCE. As a result, such changes are not permitted. Additionally, DEFAULT_INSTANCE can only be named DEFAULT, and DEFAULT is reserved for DEFAULT_INSTANCE, therefore allowing no such changes.

Display flexible algorithm information for SRv6 locators in TED database-Use the show ted database extensive command to view the metric, flags, and flexible algorithm information associated with a SRv6 locator. Prior to this release, this information was not included in the TED database.

[See show ted database.]

Enhancement to the jnxRmonAlarmState (ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series)—You can now view the following additional values for the jnxRmonAlarmState when you use the show snmp mib walk jnxRmonAlarmTable: fallingThreshold (6) - If the value is less than or equal to falling-threshold risingThreshold (5) - If the value is greater than or equal to rising-threshold getFailure (7)- If the value is any value other than noError for the current internal 'get' request In earlier releases, you could view only the following status for the jnxRmonAlarmState: unknown (1), underCreation (2), or active (3).

Junos YANG modules for RPCs include the junos:command extension statement (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—The Junos YANG modules that define RPCs for operational mode commands include the junos:command extension statement in schemas emitted with extensions. The statement defines the CLI command for the corresponding RPC. The Juniper yang GitHub repository stores the RPC schemas with extensions in the rpc-with-extensions directory for the given release and device family. Additionally, when you configure the emit-extensions statement at the [edit system services netconf yang-modules] hierarchy level and generate the YANG schemas on the local device, the YANG modules for RPCs include the junos:command extension statement.

Starting Junos Evolved release 22.3R1, support is provided to limit Network Time Protocol (NTP) configuration to one address family (inet vs inet6). You can configure one source-address per inet and inet6 family for each routing-instance in NTP. For example, the following configuration is valid: set system ntp source-address 2620:149:1d06:100::1set system ntp source-address 10.10.10.100

AR replicators with OISM install multicast states only on the OISM SBD (QFX5130-32CD and QFX5700)—In an EVPN-VXLAN ERB fabric with many VLANs, QFX5130-32CD and QFX5700 switches running as assisted replication (AR) replicators with optimized intersubnet multicast (OISM) might have scaling issues when they install multicast (*,G) states (with IGMPv2) or (S,G) states (with IGMPv3). As a result, these switches only install these multicast states on the OISM supplemental bridge domain (SBD) VLAN. They don't install these states on all OISM revenue bridge domain VLANs. On those devices, you see multicast group routes only on the SBD in show multicast snooping route command output.

[See OISM and AR Scaling with Many VLANs].

Changes to the JSON encoding of configuration data for YANG leaf nodes of type identityref (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—If a YANG leaf node is type identityref, Junos devices emit the namespace-qualified form of the identity in the JSON encoding of that node. In addition, Junos devices accept both the simple (no namespace) and the namespace-qualified form of an identity in JSON configuration data. In earlier releases, Junos devices only emit and accept the simple form of an identity. Emitting and accepting the namespace-qualified identity ensures that the device can properly resolve the value in the event that the YANG data model defines an identity and a leaf node containing the identifyref value in different modules.

The file copy command supports only text-formatted output in the CLI (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—The file copy command does not emit output when the operation is successful and supports only text-formatted output when an error occurs. The file copy command does not support using the | display xml filter or the | display json filter to display command output in XML or JSON format in any release. We've removed these options from the CLI.

Persistent CLI timestamps—To have a persistent CLI timestamp for the user currently logged in, enable the set cli timestamp operational command. This ensures the timestamp shows persistently for each new line of each SSH session for the user or class until the configuration is removed.

To enable timestamp for a particular class with permissions and format for different users, configure the following statements: set system login class class name permissions permissions, set system login class class name cli timestamp, and set system login user username class class name authentication plain-text-password.