Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

What's Changed

Learn about what changed in this release for QFX Series Switches.

EVPN

  • Commit error if interconnect and local route distinguishers have the same value-On EVPN data center interconnect (DCI) gateway devices, if you configure an interconnect RD at the [edit routing-instances name protocols evpn interconnect] hierarchy, the interconnect RD must be different from the local RD in the routing instance. If you try to configure the same value for the interconnect RD and the local RD in a routing instance, the device enforces this requirement by throwing a commit error. However, with DCI seamless stitching for EVPN Type 5 routes, you don't see the commit error prior to this release. Starting in this release, the device throws the commit error to enforce this condition for DCI stitching with Type 5 routes.

    [See route-distinguisher.]

MPLS

  • Display flexible algorithm information for SRv6 locators in TED database]--Use the show ted database extensive command to view the metric, flags, and flexible algorithm information associated with a SRv6 locator. Prior to this release, this information was not included in the TED database.

    [See show ted database.]

Network Management and Monitoring

  • Junos YANG modules for RPCs include the junos:command extension statement (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)--The Junos YANG modules that define RPCs for operational mode commands include the <codeph>junos:command</codeph> extension statement in schemas emitted with extensions. The statement defines the CLI command for the corresponding RPC. The Juniper YANG GitHub repository stores the RPC schemas with extensions in the rpc-with-extensions directory for the given release and device family. Additionally, when you configure the emit-extensions statement at the [edit system services netconf yang-modules] hierarchy level and generate the YANG schemas on the local device, the YANG modules for RPCs include the junos:command extension statement.

  • Enhancement to the jnxRmonAlarmState (ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series)—You can now view the following additional values for the jnxRmonAlarmState when you use the show snmp mib walk jnxRmonAlarmTable: fallingThreshold (6) - If the value is less than or equal to falling-threshold risingThreshold (5) - If the value is greater than or equal to rising-threshold getFailure (7)- If the value is any value other than noError for the current internal 'get' request In earlier releases, you could view only the following status for the jnxRmonAlarmState: unknown (1), underCreation (2), or active (3).

  • operator login class is restricted from viewing NETCONF trace files that are no-world-readable (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—When you configure NETCONF tracing options at the [edit system services netconf traceoptions] hierarchy level and you restrict file access to the file owner by setting or omitting the no-world-readable statement (the default), users assigned to the operator login class do not have permissions to view the trace file.

Platform and Infrastructure

  • AR replicators with OISM install multicast states only on the OISM SBD (QFX5130-32CD and QFX5700)—In an EVPN-VXLAN ERB fabric with many VLANs, QFX5130-32CD and QFX5700 switches running as assisted replication (AR) replicators with optimized intersubnet multicast (OISM) might have scaling issues when they install multicast (*,G) states (with IGMPv2) or (S,G) states (with IGMPv3). As a result, these switches only install these multicast states on the OISM supplemental bridge domain (SBD) VLAN. They don't install these states on all OISM revenue bridge domain VLANs. On those devices, you see multicast group routes only on the SBD in <cli>show multicast snooping route<cli> command output.

    [See OISM and AR Scaling with Many VLANs.]

  • Prior to this change when route sharding is configured the output of CLI show route commands included information about sharding. After the change the use must add the "rib-sharding all" argument to CLI show route commands to display sharding information.

  • New ARP and NDP packet classification (QFX10002, QFX10008, and QFX10016)--We've introduced two control plane classes for ARP and NDP packets received over VTEP interface. When your device identifies a packet as ARP or NDP, it performs an ingress port check which verifies whether the VTEP interface receives these packets. If VTEP interface receives the packet, datapath re-writes the control plane class to the newly defined values. Based on this new control plane class, the system performs the remaining packet processing and forwards the packets toward the host path. The system adds a separate DDoS policer to this ARP traffic, which ensures that the ARP traffic is not triggering underlay ARP DDoS violation.

  • The ping host | display xml command produces CLI output without errors (ACX Series, PTX Series, and QFX Series) — In Junos OS release 22.4R2, the ping host | display xml command now produces CLI output formatted in XML.

    [See ping.]

  • Instance type change is not permitted from default to L3VRF in open configuration (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)—DEFAULT_INSTANCE is the primary instance that runs when there is no specific instance type configured in the route set routing-options?. Any instance you explicitly configure is translated into set routing-instance r1 routing-options?. The issue appears in translation, when you change instance type DEFAULT_INSTANCE (any instance to DEFAULT_INSTANCE) to L3VRF or L3VRF to DEFAULT_INSTANCE. As a result, such changes are not permitted. Additionally, DEFAULT_INSTANCE can only be named DEFAULT, and DEFAULT is reserved for DEFAULT_INSTANCE, therefore allowing no such changes.

Software Installation and Upgrade

  • New options for the request system snapshot command (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The request system snapshot command includes new options for non-recovery snapshots. You can include the name option to specify a user-defined name for the snapshot, and you can include the configuration or no-configuration option to include or exclude configuration files in the snapshot. By default, the snapshot saves the configuration files, which include the contents of the /config and /var directories and certain SSH files.

    [See request system snapshot (Junos OS with Upgraded FreeBSD).]

User Interface and Configuration

  • Persistent CLI timestamps-To have a persistent CLI timestamp for the user currently logged in, enable the set cli timestamp operational command. This ensures the timestamp shows persistently for each new line of each SSH session for the user or class until the configuration is removed. To enable timestamp for a particular class with permissions and format for different users, configure the following statements: set system login class <variable>class name</variable> permissions <variable>permissions</variable> set system login class <variable>class name</variable> cli timestamp set system login user username class <variable>class name</variable> authentication plain-text-password Note: The default timestamp format is %b %d %T. You can modify the format per your requirements. For example, you can configure the following statement:set system login class <variable>class name</variable> cli timestamp format "%T %b %d To enable timestamp for a particular user with default class permissions and format, configure the following statements: set system login user username class <variable>class name</variable> authentication plain-text-passwordset system login user <variable>username</variable> cli timestamp