What's Changed
Learn about what changed in this release for PTX Series routers.
General Routing
-
Label for the hours unit of time displayed in output —When there are zero minutes in the output for the
show system uptime
command, the label for the hours unit of time is displayed.[See show system uptime.]
-
In the past inet6flow.0 was not allowed to be a primary rib in a rib-group. Starting with Release 22.3 this is now allowed.
-
Global tunnel termination option disables tunnel termination for all traffic (PTX10000 Series Routers)— You can use the set interfaces logical-interface-name unit n family inet/inet6 no-tunnel-termination command to block VXLAN tunnel termination for the port. Adding the no-tunnel-termination option disables tunnel termination for all traffic which the firewall filter would have otherwise allowed you to block termination based on IP addresses.
-
The active-user-count is defined as a numeric integer value in ODL request output —The output for the get-system-uptime-information ODL request contains information for the active-user-count. The active-user-count is now defined as a numeric integer value and avoids an invalid value type error.
[See show system uptime.]
-
Two new alarms are added and can be seen with MPC11E when 400G-ZR optics are used. High Power Optics Too Warm: warning of the increase in chassis ambient temperature with no functional action taken on the optics Temperature too high for optics power on: New inserted optics when the chassis ambient temperature is elevated beyond the threshold will not be powered on and would need to be reinserted when the ambient temperature is within the acceptable range
-
The packet rate and byte rate fields for LSP sensors on AFT (with the legacy path) have been renamed as jnx-packet-rate and jnx-byte-rate and is in parity with the UKERN behavior. Previously, these rate fields were named as packetRate and byteRate.
-
Prior to this change the output of a
show task replication | display xml validate
returned an error of the form "ERROR: Duplicate data element <task-protocol-replication-name>. With this change the XML output is properly structured with no validation errors.
Interfaces and Chassis
-
Starting in Junos OS release 23.2R1 and Junos OS Evolved release 23.2R1-EVO, the output of
show chassis power
command displays the state of the power supply in PTX10003 and QFX10003 platforms.[See show chassis power.]
Junos XML API and Scripting
-
Ability to commit
extension-service file
configuration when application file is unavailable—When you set theoptional
option at theedit system extension extension-service application file file-name
hierarchy level, the operating system can commit the configuration even if the file is not available at the /var/db/scripts/jet file path.[See file (JET).]
-
Ability to restart restart daemonized applications—Use the
request extension-service restart-daemonize-app application-name
command to restart a daemonized application running on a Junos device. Restarting the application can assist you with debugging and troubleshooting. -
The
xmlns:junos
attribute includes the complete software version string (ACX Series, PTX Series, and QFX Series)—Thexmlns:junos
namespace string in XML RPC replies includes the complete software version release number, which is identical to the version emitted by theshow version
command. In earlier releases, thexmlns:junos
string includes only partial software version information.
Network Management and Monitoring
-
The connectivity fault management process (cfmd) runs only when the ethernet connectivity-fault-management protocol is configured.
-
Changes to the
show system yang package
(get-system-yang-packages
RPC) XML output (ACX Series, PTX Series, and QFX Series)—Theshow system yang package
command andget-system-yang-packages
RPC include the following changes to the XML output:The root element is
yang-package-information
instead ofyang-pkgs-info
.A
yang-package
element encloses each set of package files.The
yang-pkg-id
tag is renamed topackage-id
.If the package does not contain translation scripts, the Translation Script(s) (
trans-scripts
) value isnone
.
-
NETCONF server's
<rpc-error>
response changed when<load-configuration>
usesoperation="delete"
to delete a nonexistent configuration object (ACX Series, PTX Series, and QFX Series)—In an earlier release, we changed the NETCONF server's<rpc-error>
response for when an<edit-config>
or<load-configuration>
operation usesoperation="delete"
to delete a configuration element that is absent in the target configuration. We've reverted the changes to the<load-configuration>
response. -
operator
login class is restricted from viewing NETCONF trace files that areno-world-readable
(ACX Series, PTX Series, and QFX Series)—When you configure NETCONF tracing options at the[edit system services netconf traceoptions]
hierarchy level and you restrict file access to the file owner by setting or omitting theno-world-readable
statement (the default), users assigned to theoperator
login class do not have permissions to view the trace file. -
Support for the
junos:cli-feature
YANG extension (ACX Series, PTX Series, and QFX Series)—Thecli-feature
YANG extension identifies certain CLI properties associated with some command options and configuration statements. The Junos YANG modules that define the configuration or RPCs include thecli-feature
extension statement, where appropriate, in schemas emitted with extensions. This extension is beneficial when a client consumes YANG data models, but for certain workflows, the client needs to generate CLI-based tools.
PKI
-
Deprecating options related to certificate enrollment (Junos)—Starting in Junos OS Release 23.2R1, we’re deprecating earlier CLI options related to Public Key Infrastructure (PKI) to enroll and reenroll local certificate through Simple Certificate Enrolment Protocol (SCEP). The table below shows the Junos CLI commands and configuration statements with the options being deprecated. You can find the same CLI options now available under
scep
option in these commands and statements.Table 1: Deprecated Junos CLI Options Junos CLI Commands and Statements
Deprecated Options
set security pki auto-re-enrollment
certificate-id
request security pki local-certificate enroll
ca-profile
certificate-id
challenge-password
digest
domain-name
email
ip-address
ipv6-address
logical-system
scep-digest-algorithm
scep-encryption-algorithm
subject
request security pki node-local local-certificate enroll
ca-profile
certificate-id
challenge-password
digest
domain-name
email
ip-address
ipv6-address
logical-system
scep-digest-algorithm
scep-encryption-algorithm
subject
[See auto-re-enrollment (Security), request security pki local-certificate enroll scep, and request security pki node-local local-certificate enroll.]