What's Changed

Flow-label configuration status for EVPN ELAN services The output for the show evpn instance extensive command now displays the flow-label and flow-label-static operational status for a device and not for the routing instances. A device with flow-label enabled supports flow-aware transport (FAT) flow labels and advertises its support to its neighbors. A device with flow-label-static enabled supports FAT flow labels but does not advertise its capabilities.

Updated output for show route table—The output for show route table bgp.evpn.0 now displays L2 service TLV type. Previously, the output displayed the L3 service TLV.

New enhancement "udp source port" introduced in Junos OS Release 22.4R1 for overlay ping and traceroute— In Junos OS releases prior to 22.4R1, you could not configure the udp source port in a ping overlay or traceroute overlay operation. You may now configure this value in an EVPN-VXLAN environment using hash. The configuration option hashwill override any other hash-* options that may be used to determine the source port value.

The connectivity fault management process (cfmd) runs only when the ethernet connectivity-fault-management protocol is configured.

Prior to this change the output of a show task replication | display xml validate command returned an error of the form ERROR: Duplicate data element task-protocol-replication-name. With this change the XML output is properly structured with no validation errors.

Label for the hours unit of time displayed in output—When there are zero minutes in the output for the show system uptime command, the label for the hours unit of time is displayed.

[See show system uptime.]

In the past inet6flow.0 was not allowed to be a primary rib in a rib-group. Starting with Release 22.3 this is now allowed.

The active-user-count is defined as a numeric integer value in ODL request output—The output for the get-system-uptime-information ODL request contains information for the active-user-count. The active-user-count is now defined as a numeric integer value and avoids an invalid value type error.

[See show system uptime.]

The packet rate and byte rate fields for LSP sensors on AFT (with the legacy path) have been renamed as jnx-packet-rate and jnx-byte-rate and is in parity with the UKERN behavior. Previously, these rate fields were named as packetRate and byteRate.

Multicast debug information added in EVPN options to request system information command (MX Series and QFX Series)—The output from CLI command request support information evpn-vxlan now includes additional information to help debug EVPN multicast issues.

[See request support information.]

Increased maximum limit for TTP TLVs (MX Series)—The Junos Kernel now accommodates an increased number of TTP TLVs (TNP Tunneling Protocol: type, length, and value messages) to help avoid dropped packets.

[See show system statistics.]

Two new alarms are added and can be seen with MPC11E when 400G-ZR optics are used. High Power Optics Too Warm: warning of the increase in chassis ambient temperature with no functional action taken on the optics Temperature too high for optics power on: New inserted optics when the chassis ambient temperature is elevated beyond the threshold will not be powered on and would need to be reinserted when the ambient temperature is within the acceptable range.

When subscribing to the resource path /junos/system/linecard/environment, the prefix for the streamed path at the collector side was displaying as /junos/linecard/environment. This issue is resolved in Junos OS 23.1R1 and Junos OS Evolved 23.1R1 and the subscription path and the streamed path match to display /junos/system/linecard/environment.

The Ethernet link fault management process (lfmd) runs only when the link-fault-management protocol is configured.

PTP configuration might not function correctly on an MX10008 Router with JNP10K-LC2101 Line card: - when Hypermode is enabled. Hypermode can be enabled by default when MX10008 Router has Switch Fabric Board 2 (SFB2), or by using the command set forwarding-options hyper mode. Hence, such PTP interfaces (slave, master, stateful) are unsupported. - if an aggregated Ethernet (AE) interface is configured and either the primary or secondary links on the AE do not support PTP with Hypermode, then the whole AE is marked as unsupported.

An optics configuration mismatch alarm may be triggered when there is a discrepancy between the configured speed of an interface and the supported speed of the optic. This alarm indicates that the optic installed in the specified FPC is incompatible with the speed configured on the interface.

Change the output of the show arp command to display IP addresses and hostnames (MX Series routers)—You can force the show arp command output to display the IP address next to the hostname of each device. To do this, enable the force-show-arp-resolve statement at the [edit system services subscriber-management overrides] hierarchy level. This makes it easier to manage subscriber access if your subscriber configuration relies on the IP addresses of the devices.

[See overrides (Enhanced Subscriber Management) and Configuring Junos OS Enhanced Subscriber Management.]

Before this change the output of a "show task replication logical-system all | display xml validate" command reported an error. After the change the output is correctly formatted with a "logical-system" root tag and no validation error occurs.

Support for podman-based JDM deployment--Starting in Junos OS Release 23.2R1, the external server-based Junos node slicing supports deployment of Juniper Device Manager (JDM) using the Pod Manager tool (podman). This change is applicable to servers running Red Hat Enterprise Linux (RHEL) 9. In Junos releases prior to 23.2R1, Junos node slicing supported RHEL 7.3 that provided libvirt?s lxc driver (libvirt-lxc) to deploy JDMs.

Ability to commit extension-service file configuration when application file is unavailable—When you set the optional option at the [edit system extension extension-service application file file-name] hierarchy level, the operating system can commit the configuration even if the file is not available at the <filepath>/var/db/scripts/jet</filepath> file path.

[See file (JET).]

Ability to restart daemonized applications—Use the request extension-service restart-daemonize-app application-name command to restart a daemonized application running on a Junos device. Restarting the application can assist you with debugging and troubleshooting.

[See request extension-service restart-daemonize-app.]

The xmlns:junos attribute includes the complete software version string (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)—The xmlns:junos namespace string in XML RPC replies includes the complete software version release number, which is identical to the version emitted by the show version command. In earlier releases, the xmlns:junos string includes only partial software version information.

Increased range and maximum range for revert-time—We increased the range for revert-time from 600 to 3600 seconds and the maximum range from 1200 to 7200 seconds.

[See revert-time.]

Change in display of affinity constraints to hexadecimal values (MX10004, ACX7100-32C, ACX7100-48L, ACX7509, ACX7024, PTX10001-36MR, PTX10004, PTX10008, and PTX10016)-Starting in Junos OS release 22.4R1 and Junos Evolved Release 22.4R1, in the output of the show ted spring-te-policy extensive operational command, the affinity constraints will be displayed in hexadecimal format instead of decimal.

[See show ted spring-te-policy extensive.]

Changes to the show system yang package (get-system-yang-packages RPC) XML output (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)—The show system yang package command and <get-system-yang-packages> RPC include the following changes to the XML output:

• The root element is yang-package-information instead of yang-pkgs-info.

• A yang-package element encloses each set of package files.

• The yang-pkg-id tag is renamed to package-id.

• If the package does not contain translation scripts, the Translation Script(s) (trans-scripts) value is none.

Support for the junos:cli-feature YANG extension (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—The cli-feature YANG extension identifies certain CLI properties associated with some command options and configuration statements. The Junos YANG modules that define the configuration or RPCs include the cli-feature extension statement, where appropriate, in schemas emitted with extensions. This extension is beneficial when a client consumes YANG data models, but for certain workflows, the client needs to generate CLI-based tools.

[See Understanding the Junos DDL Extensions YANG Module.]

Changes to the NETCONF server's rpc-error element when the operation="delete" operation deletes a nonexistent configuration object (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—We've changed the rpc-error response that the NETCONF server returns when the [edit-config] or load-configuration operation uses operation="delete" to delete a configuration element that is absent in the target configuration. The error severity is error instead of warning, and the rpc-error element includes the (error-tag) data-missing (error-tag) and (error-type) application(error-type) elements.

NETCONF server's <rpc-error> response changed when <load-configuration> uses operation="delete" to delete a nonexistent configuration object (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)—In an earlier release, we changed the NETCONF server's <rpc-error> response for when an <edit-config> or <load-configuration> operation uses operation="delete" to delete a configuration element that is absent in the target configuration. We've reverted the changes to the <load-configuration> response.

Changes to the RPC response for <validate> operations in RFC-compliant NETCONF sessions (ACX Series, EX Series, MX Series, QFX Series, SRX Series, vMX, and vSRX)—When you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level, the NETCONF server emits only an <ok/> or <rpc-error> element in response to <validate> operations. In earlier releases, the RPC reply also includes the <commit-results> element.

The ping host | display xml validate command validates XML without error (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, and vMX) — In Junos OS and Junos OS Evolved releases prior to 22.4R2, the ping host | display xml validate command results in CRITICAL ERROR: Root tag name mismatch. Expected 'ping-results', got 'run-command'. The command now validates the XML successfully without error.

[See ping.]

Prior to this change, devices by default responded only to ARP requests originating from the same subnet. Configure the new CLI option, "respond-out-of-subnet" at the edit system arp hierarchy level to allow ARP reply to a request that originates from a different subnet.

Deprecating options related to certificate enrollment (Junos)—Starting in Junos OS Release 23.2R1, we’re deprecating earlier CLI options related to Public Key Infrastructure (PKI) to enroll and reenroll local certificate through Simple Certificate Enrolment Protocol (SCEP). The table below shows the Junos CLI commands and configuration statements with the options being deprecated. You can find the same CLI options now available under scep option in these commands and statements.

[See auto-re-enrollment (Security), request security pki local-certificate enroll scep, and request security pki node-local local-certificate enroll.]

Prior to this change the output of the "show isis statistics interface interface_name | display xml" command used the XML tag "interface-name", which generated an error. With the change the XML output uses the tag "isis-interface-name".

Prior to this change the output of the "show isis spring flex-algorithm | display xml" command was invalidly formatted when multiple flex algorithm instances were configured. With the change, the XML output is properly structured showing flex algorithm information for each instance. A new XML tag "isis-spring-flex-algorithm" is added to bundle information for each instance.

New options for the request system snapshot command (ACX Series, EX Series, MX Series, QFX Series, and SRX Series)—The request system snapshot command includes new options for non-recovery snapshots. You can include the name option to specify a user-defined name for the snapshot, and you can include the configuration or no-configuration option to include or exclude configuration files in the snapshot. By default, the snapshot saves the configuration files, which include the contents of the /config and /var directories and certain SSH files.

[See request system snapshot (Junos OS with Upgraded FreeBSD).]

The xmlns:junos attribute includes the complete software version string (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX and vSRX)—The xmlns:junos namespace string in XML RPC replies includes the complete software version release number, which is identical to the version emitted by the show version command. In earlier releases, the xmlns:junos string includes only partial software version information.