Serviceability
-
Datapath trace debug (SRX Series Firewalls)—Starting in Junos OS Release 24.2R1, we’ve enhanced the datapath trace debug. With this enhancement, the flow trace provides:
-
Clear and concise information
-
Packet tracking information
-
Information about missing trace logs
-
Ensure to capture a finite number of initial trace messages
[See Understanding Data Path Debugging for SRX Series Devices.]
-
-
IDP signature package improvements (SRX Series Firewalls and vSRX3.0)—Starting in Junos OS Release 24.2R1, we’ve made enhancements to improve the reliability of package updates and validation of update installation. The system automatically rolls back the signature package if the security package installation fails.
In the case of a multi-SPC/PIC device, when a failure occurs in the data plane after a signature pack is installed, the security package is rolled back once the PICs come back online. This action limits potential damage.
In a high-availability environment, to prevent failovers from occurring in a loop, the integrity validation is conducted during the primary node installation stage. The system installs the security package on the secondary node only after confirming that the package has no integrity issues.