Software Installation and Upgrade
-
Base OS update (ACX Series and PTX Series)—Starting in Junos OS Evolved Release 24.2R1, Junos OS Evolved uses the Wind River Linux LTS 22 base OS. This upgrade provides improved security and better performance. In earlier releases, Junos OS Evolved used the Wind River Linux LTS 19 base OS.
-
Migrate to GPT disk partitioning (ACX Series and PTX Series)—Starting in Junos OS Evolved Release 24.2R1, we support migrating to GUID Partition Table (GPT) disk partitioning. GPT is the native disk partitioning scheme used by UEFI BIOSes. GPT is similar to the Master Boot Record (MBR) disk partitioning scheme used by traditional BIOSes. All Junos OS Evolved platforms support GPT natively. However, we default to MBR disk partitioning because Junos OS Evolved was originally ported to systems that used traditional BIOSes.
GPT has several advantages over MBR:
-
Support for much larger disks
-
Unique partition ID support by using GUIDs
-
Human-readable partition names
-
Backup copies
When you install a release that supports GPT disk partitioning, you can:
-
For new installations, change the default partition scheme for both the primary and secondary disks to GPT immediately (for example, scratch installations to empty disks).
-
For existing installations, migrate to GPT disk partitioning for both the primary and secondary disks after a reboot of the system.
[See Software Installation and Upgrade Overview (Junos OS Evolved).]
-
-
Support for SZTP (ACX7100-32C and ACX7100-48L)—Starting in Junos OS Evolved Release 24.2R1, you can use RFC-8572-based secure zero-touch provisioning (SZTP) to bootstrap your remotely located network devices that are in a factory-default state. SZTP enables mutual authentication between the bootstrap server and the network device before the remote network device is accessed for initiating ZTP.
To enable mutual authentication, you need a unique digital voucher, which is generated based on the DevID (digital device ID or cryptographic digital identity) of the network device. The DevID is embedded inside the Trusted Platform Module (TPM) 2.0 chip on the network device. Juniper Networks issues a digital voucher to customers for each eligible network device.
-
Support for executing a pre-upgrade script with SZTP (ACX7024, ACX7100-32C, ACX7509, PTX10001-36MR, PTX10003, PTX10004, PTX10008, and PTX10016)—Starting in Junos OS Evolved Release 24.2R1, you can execute a pre-upgrade script to download signing keys or certificates for your third-party applications before provisioning your device. You can use the
pre-upgrade-script
XML tag to provide a pre-upgrade script as part of your onboarding information for SZTP. -
Support for executing a pre-upgrade script with ZTP (ACX7024, ACX7100-32C, ACX7509, PTX10001-36MR, PTX10003, PTX10004, PTX10008, and PTX10016)—Starting in Junos OS Evolved Release 24.2R1, you can execute a pre-upgrade script to download signing keys or certificates for your third-party applications before provisioning your device. You can also use a pre-upgrade script to specify the management and WAN interface names and the speed of the WAN interfaces for ZTP. ZTP uses this information to avoid cycling through the unnecessary speed groups where the interface does not reside.
You can use DHCP option 43 suboption 9 for DHCPv4 and DHCP option 17 suboption 9 for DHCPv6 to specify the name of your pre-upgrade script as part of the bootstrap information. You can also toggle the behavior for DHCPv4 option 43 suboption 5 to specify either the IP address of the FTP server or the HTTP port.
[See Zero Touch Provisioning.]
-
Support for HTTP and HTTPS authentication on ZTP (ACX7024, ACX7100-32C, ACX7509, PTX10001-36MR, PTX10003, PTX10004, PTX10008, and PTX10016)—Starting in Junos OS Evolved Release 24.2R1, you can enable basic HTTP and HTTPS authentication for IPv4 and IPv6.
To enable basic HTTP and HTTPS authentication for IPv4, use DHCP option 43 suboption 3. IPv6 ignores this option.
For IPv6, provide the authentication parameters through the boot file URL and the URLs for the image, configuration, and alternate image. The precedence is the URL for the image, followed by the configuration, and then the alternate image. After that, the boot file URL is used. For authentication, the transfer type needs to be either HTTP or HTTPS.
[See Zero Touch Provisioning.]
-
Support for HTTP and HTTPS proxy server on ZTP (ACX7024, ACX7100-32C, ACX7509, PTX10001-36MR, PTX10003, PTX10004, PTX10008, and PTX10016)—Starting in Junos OS Evolved Release 24.2R1, you can now configure an HTTP or HTTPS proxy server for ZTP.
To specify an HTTP or HTTPS proxy server for IPv4, use DHCP option 43 suboption 8.
To specify an HTTP or HTTPS proxy server for IPv6, use DHCP option 17 suboption 8.
[See Zero Touch Provisioning.]