What's Changed

OISM SBD bit in EVPN Type 3 route multicast flags extended community—In EVPN Type 3 Inclusive Multicast Ethernet Tag (IMET) route advertisements for interfaces associated with the supplemental bridge domain (SBD) in an EVPN optimized intersubnet multicast (OISM) network, we now set the SBD bit in the multicast flags extended community. We set this bit for interoperability with other vendors, and to comply with the IETF draft standard for OISM, draft-ietf-bess-evpn-irb-mcast.You can see this setting in the output from the show route table bgp.evpn.0 ? extensive command.

[See CLI Commands to Verify the OISM Configuration.]

Group-based Policy (GBP) tag displayed with show bridge mac-table command—On platforms that support VXLAN-GBP, the show bridge mac-table command now displays a GBP TAG output column that lists the GBP tag associated with the MAC address for a bridge domain or VLAN in a routing instance. Even if the device doesn?t support or isn?t using GBP itself, the output includes this information for GBP tags in packets received from remote EVPN-VXLAN peers.

[See Example: Micro and Macro Segmentation using Group Based Policy in a VXLAN.]

When you run the run show lldp local-information interface interface-name | display xml command, the output is displayed under the lldp-local-info root tag and in the lldp-local-interface-info container tag. When you run the run show lldp local-information interface | display xml command, the lldp-tlv-filter and lldp-tlv-select information are displayed under the lldp-local-interface-info container tag in the output.

Change in use of RSA signatures with SHA-1 hash algorithm?Starting in Junos OS Release 24.2R1, there is a behavioural change by OpenSSH 8.8/8.8p1. OpenSSH 8.8/8.8p1 disables the use of RSA signatures with SHA-1 hash algorithm by default. You can use RSA signatures with SHA-256 or SHA-512 hash algorithm.

For MPC5E line card with flexible-queuing-mode enabled, queue resources are shared between scheduler block 0 and 1. Resource monitor CLI output displays an equal distribution of the total available and used queues between scheduler blocks. This correctly represents the queue availability to the routing engine.

Changes to the XML output for ping RPCs (MX480)—We've updated the junos-rpc-ping YANG module and the corresponding Junos XML RPCs to ensure that the RPC XML output conforms to the YANG schema. As a result, we changed the XML output for the following ping RPCs:

• <ping>—The XML output emits <ping-error-message> and <ping-warning-message> tags instead of <xnm:error> and <xnm:warning> tags.

• <request-ping-ce-ip>—The XML output is enclosed in an <lsping-results> root element.

• <request-ping-ethernet>—

  • The <ethping-results> root tag includes a <cfm-loopback-reply-entry> or <cfm-loopback-reply-entry-rapid> tag for each received response. In earlier releases, a single tag enclosed all responses.

  • The XML output includes only application specific error tags and omits <xnm:error> tags.

  • The <cfm-loopback-reply-entry-rapid> tag is now reflected in the YANG schema.

• <request-ping-overlay>—The <ping-overlay-results> element includes a new child tag <hash-udp-src-port>.

Viewing files with the file compare files command requires users to have maintenance permission—The file compare files command in Junos OS and Junos OS Evolved requires a user to have a login class with maintenance permission.

[See Login Classes Overview.

Increase in revert-delay timer range— The revert-delay timer range is increased to 600 seconds from 20 seconds.

[See min-rate.]

Configure min-rate for IPMSI traffic explicitly— In a source-based MoFRR scenario, you can set a min-rate threshold for IPMSI traffic explicitly by configuring ipmsi-min-rate under set routing-instances protocols mvpn hot-root-standby min-rate. If not configured, the existing min-rate will be applicable to both IPMSI and SPMSI traffic.

[See min-rate.]