Professional Documents
Culture Documents
®
Release Notes: Junos OS Evolved Release
20.4R3 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and
QFX5220 Devices
7 October 2021
Contents Introduction | 4
Junos OS Evolved Release Notes for PTX10001-36MR, PTX10003, PTX10004, and PTX10008
Devices | 4
What's New | 4
What's Changed | 6
Known Limitations | 11
MPLS | 12
Open Issues | 12
General Routing | 13
Layer 2 Features | 14
2
MPLS | 14
Routing Protocols | 14
Resolved Issues | 15
Resolved Issues:20.4R1 | 20
What's New | 25
What's Changed | 30
Known Limitations | 34
Open Issues | 34
General Routing | 35
Layer 2 Features | 36
Routing Protocols | 36
Resolved Issues | 36
Licensing | 41
Documentation Feedback | 42
3
Revision History | 44
4
Introduction
Use these release notes to find new and updated features, software limitations, and open issues for Junos
OS Evolved Release 20.4R3.
These release notes are cumulative and are updated for later releases.
For more information on this release of Junos OS Evolved, see Introducing Junos OS Evolved.
IN THIS SECTION
What's New | 4
What's Changed | 6
Known Limitations | 11
Open Issues | 12
Resolved Issues | 15
These release notes accompany Junos OS Evolved Release 20.4R3 for PTX10001-36MR, PTX10003,
PTX10004, and PTX10008 Packet Transport Routers. They describe new and changed features, limitations,
and known and resolved problems in the hardware and software.
What's New
IN THIS SECTION
Learn about new features introduced in these releases for PTX Series routers.
There are no new features or enhancements to existing features in this release for PTX Series routers.
To view other features supported on the PTX platforms, view the Feature Explorer using the following
links. To see which features were added in the Junos OS Release Evolved 20.4R2 and earlier releases, click
the Group by Release link. You can collapse and expand the list as needed.
• PTX10001-36MR
• PTX10003
• PTX10004
• PTX10008
To view other features supported on the PTX platforms, view the Feature Explorer using the following
links. To see which features were added in the Junos OS Release Evolved 20.4R1 and earlier releases, click
the Group by Release link. You can collapse and expand the list as needed.
• PTX10001-36MR
• PTX10003
6
• PTX10004
• PTX10008
What's Changed
IN THIS SECTION
Learn about what changed in these releases for PTX Series routers.
7
General Routing
• Enhancement to the show interfaces (Aggregated Ethernet) command (PTX Series, and QFX Series)—
When you run the show interfaces extensive command for aggregated Ethernet interfaces, you can
now view following additional fields for MAC statistics : Receive, Transmit, Broadcast and Multicast
packets.
General Routing
• Enhancement to the show interfaces (Aggregated Ethernet) command (PTX Series and QFX
Series)—When you run the show interfaces extensive command for Aggregated Ethernet interfaces,
you can now view following additional fields for MAC statistics : Receive, Transmit, Broadcast and
Multicast packets.
General Routing
• SSH session connection attempt limits and connection limits (PTX Series and QFX Series)—We have
introduced the connection-limit and rate-limit options at the set system services ssh hierarchy level.
The default connection limit value is 75 connections, and the default rate limit value is 3 connections
per second. Junos OS measures the rate limit value per minute but Junos OS Evolved measures the rate
limit value per second.
• Secure boot disabled alarm is raised (PTX10008)—The Secure boot disabled alarm is raised when the
system boots with secure boot disabled in bios.
• Fault alarm generated for feed failure on a DC power supply (PTX10008)—A fault alarm is generated
when only one of the feeds on a DC power supply (A0 and B0 or A1 and B1) is faulty.
8
• PTX10003 routers do not support set chassis fpc fpc-slot power on—The PTX10003-80C and
PTX10003-160C routers do not support the set chassis fpc fpc-slot power on command. Executing this
command on an FPC which is offline could cause unintended reboots of the router.
• Warning message when taking an FPC offline—PTX10003-80C and PTX10003-160C devices do not
support the request chassis fpc slot slot-number online command. The only way to bring up an FPC
(MPC) that is offline is by rebooting the chassis. So, when you take an FPC offline by using the request
chassis fpc slot slot-number offline command, the screen displays the following message: 'Warning : FPC
slot cannot be made online using a CLI command. You need to perform router reboot using "request
system reboot" to online the FPC slot. Do you wish to continue ? [yes,no] (no).'
• The jcs:invoke() function supports suppression of root login and logout events in system log files for
SLAX event scripts (PTX Series and QFX Series)—The jcs:invoke() extension function supports the
no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not
generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root
to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves
as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included
in system log files.
Software Licensing
• License key format (PTX10003-160C, PTX10003-80C, QFX5220-32CD, QFX5220-128C)—When you
are upgrading from Junos OS Evolved Release 20.4R1 to Junos OS Evolved Release 20.4R2 or later
releases, you need new license keys to use the features on the listed devices. Contact Customer Care
to exchange license keys for Junos OS Evolved Release 20.4R2 or later.
EVPN
• New output flag for the show bridge mac-ip table command—The Layer 2 address learning daemon
does not send updated MAC and IP Address advertisements to the Routing Protocol daemon when an
IRB interface is disabled in an EVPN-VXLAN network. Junos has added the NAD flag in the output of
the show bridge mac-ip-table command to identify the disabled IRB entries where the MAC and IP
address advertisement will not be sent.
• Updated XML output for show evpn p2mp—Starting with this release, when you pipe the output of the
show evpn p2mp command to the display xml option, Junos OS now returns an XML output with a
subtree structure for each neighbor. Prior to this release, the display XML returns an XML output with
all the neighbors under one tree structure.
General Routing
• Inet6 is disabled in VT interface (PTX10001-36MR, PTX10003, PTX10004, and PTX10008)—Starting
in this release, the inet6 statement at the [edit interfaces vt-interface-number unit unit-number family]
hierarchy level is disabled.
• The show chassis power command displays the power supply state (PTX10008 and PTX10004)—The
show chassis power command displays the information regarding the state of the power supply (for
instance, Online or Empty). This enhancement makes the show chassis power command output in Junos
OS Evolved software consistent with that in Junos OS software.
• Adaptive load balancing support (PTX10008)—You can configure adaptive load balancing on PTX10008
routers. When you configure adaptive load balancing, the show interfaces ae0 extensive command
displays adaptive statistics under the physical interface.
Layer 2 Features
• New commit check for MC-LAG (PTX Series)—We've introduced a new commit check to check the
values assigned to the redundancy group identification number on the MC-AE interface (
redundancy-group-id ) and ICCP peer (redundancy-group-id-list ) when you configure multichassis
aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In
previous releases, if the configured values were different, the l2ald process would crash.
MPLS
• The show mpls lsp extensive and show mpls lsp detail commands display next hop gateway LSPid—
When you use the show mpls lsp extensive and show mpls lsp detail commands, you'll see next hop
gateway LSPid in the output as well.
[See rsvp-error-hold-time.]
• Disable back-off behavior on PSB2 (PTX Series and QFX Series)— We've introduced the cspf-backoff-time
statement globally for MPLS and LSP to delay the CSPF by configured number of seconds, on receiving
bandwidth unavailable PathErr on PSB2. If the configured value is zero, then the CSPF starts immediately
for PSB2, when bandwidth-unavailable PathErr is received. If the statement is not configured, the default
exponential back-off occurs.
[See cspf-backoff-time..]
• New TLV types and TLV type values in output field (PTX10001-36MR, PTX10003, PTX10004,
PTX10008, QFX5130-32CD, and QFX5220)—We've introduced TLV SR policy identifier, TLV SR
candidate path identifier, and TLV SR preference fields in the output for the show path-computation-client
tlv-types command. These new output fields help you in easily fetching the TLV type values used by
PCCD irrespective of whether the type values are experimental or standardized.
11
Routing Protocols
• Loading of the default configurations in a RIFT package causes the following changes:
1. Output of the show rift node status command displays the node ID in hexadecimal number even
though the node ID is configured in decimal, hexadecimal, or octal number.
2. Some of the DDoS default configurations change because of the DDoS protection interferes with
the RIFT BFD operation.
[See export-format.]
Known Limitations
IN THIS SECTION
MPLS | 12
Platform and Infrastructure | 12
Learn about known limitations in these releases for PTX Series routers.
For the most complete and latest information about known Junos OS Evolved defects, use the Juniper
Networks online Junos Problem Report Search application.
12
MPLS
• The rpd process might crash after a network service configuration is changed (for instance, changing
the range of MPLS labels) without rebooting all the Routing Engines (which is a system mandatory step).
PR1461468
• RPM is a Juniper Networks proprietary feature. In the case of Junos OS, the RPM client never set the
DF bit. Therefore, we do not see interwork failure issue between a Junos OS RPM client and a Junos
OS RPM server. Whereas in the case of Junos OS Evolved, the RPM client sets the DF bit while sending
the RPM probes to the RPM server. In case of Junos OS TVP-based platforms, the RPM server is unable
to decode the DF bit properly. This causes an interwork failure between Junos OS Evolved as the RPM
client and TVP platforms as the RPM server (and vice versa). This issue is not applicable for non-TVP-based
Junos OS platforms acting as the RPM server. PR1508127
Open Issues
IN THIS SECTION
General Routing | 13
Layer 2 Features | 14
MPLS | 14
Routing Protocols | 14
Learn about open issues in these releases for PTX Series routers.
For the most complete and latest information about known Junos OS Evolved defects, use the Juniper
Networks online Junos Problem Report Search application.
13
General Routing
• On PTX10008 routers, the subsystem within the Packet Forwarding Engine continues to monitor the
ASIC for new interrupts even for the ASIC for which all the interfaces are disabled. On an ASIC that has
all the interfaces disabled due to a fatal error, all the new interrupts that are reported after the fatal
event must be ignored. PR1470391
• Scheduler ingress Packet Forwarding Engine VOQ drop counters do not match egress queue drop
counters (diff > 100,000). PR1494785
• BGP-SRTE binding-sid with more than one label stack needs enhancement for PTX10003-80C and
PTX10003-160C. For PTX Series, it does not support more than 1 chain-composite-next-hop, you can
configure this CLI configuration statement to disable chain-composite-next-hop as work around. With
this configuration statement configured, all labels are pushed from egress.
protocols {
source-packet-routing {
no-chained-composite-next-hop;
}
}
PR1512213
• There is a small window during BGP neighbor or BGP RIB periodic streaming when the background
telemetry job gets suspended. There is a possibility that the node that is being rendered is deleted or
modified. If we are in the middle of rendering value for that particular node, the rpd might crash when
the telemetry job resumes because the node is no more valid. PR1512773
• Set of info level no passwd entry cron logs is displayed every one minute. PR1527266
• This is a day one issue. When a new p2mp template (say template1) is added, it overwrites the
default_p2mp template for the LSPs. When we update from template1 to template2, the change does
not take effect. The issue has a workaround by removing p2mp template for template1 and then re-adding
the template2. Therefore, the fix commit is not required for multiple other scopes at this point in time.
PR1564795
• When an aggregated Ethernet link is brought down, a transient error message: [Error] Nexthop:
EalNhHandler: failed to add Nh: xxxx, type: composite, as pil add failed might be seen. There is no
functional impact due to this error. PR1570710
• In the transient state (deactivate aggregate Ethernet interface or restart FPC), if P2MP is configured,
the Routing Engine might temporarily send message to install composite next hop with 0 child. It triggers
14
the reported error message on the Packet Forwarding Engine as expected. There is no functional impact.
PR1600642
• In PTX10008, at times, MVRP enabled trunk ports can go into blocked or designated state if the peer
connected to the interface has no vlans configured in its trunk port. PR1601915
• Port mirroring configuration stops working, when a given Packet Forwarding Engine restarts. PR1618589
Layer 2 Features
• It is observed rarely that issuing request system zeroize does not trigger zero-touch provisioning. As a
workaround, re-initiate the ZTP. PR1529246
MPLS
• The in-progress change of weighted ECMP to ECMP and vice versa does not take full effect for all routes
using the LSPs until all the LSPs currently signaled with non-zero bandwidth have gone through at least
one of the MBB/clear/disable events. The traffic distribution is not as expected until all the LSPs finish
the transition. This is because without any of those triggers, the LSP does not automatically update the
next hop based on weighted ECMP configuration, next-hop content of each participation LSP affects
the traffic distribution among ECMP paths. The weighted ECMP distribution ratio is not as expected
until the adjustment of all LSPs are finished. PR1501860
• When we configure minimum-bandwidth, the LSP is still resignalled with the previous configured
minimum-bandwidth and not the current configured minimum-bandwidth. PR1526004
• On all Junos OS Evolved based platforms, the SNMP polling failures timeout might be observed when
the number of outstanding requests to any subagent (mib2d, snmpd-subagent) reaches 500. This impacts
the snmp polling functionality. PR1585409
Routing Protocols
• A BGP core file might be seen after loading a new image on the backup Routing Engine. This is a timing
issue. These three events need to happen to generate this core file:PR1583630
1. An interface flap.
2. A peer over this interface has not been synced with the primary Routing Engine.
15
3. GP triggers multipath calculation before the sync and uses the route that has not been marked to be
deleted from this peer as a multipath contributor.
• For some releases, the route validation status in show task replication shows up even when
origin-validation is not configured. Ideally the route validation status must not be supported and should
be hidden when the origin-validation is not configured. PR1583692
• In BGP RPKI (Resource Public Key Infrastructure) scenario, if the session record-lifetime is configured
less than the hold-time, the record-lifetime for route validation (RV) might expire while the session is
still up, which causes the rpd crash. PR1585321
• In BGP multipath scenario, if an interface for a single hop EBGP peer goes down, the rpd might crash
on the backup Routing Engine. If NSR switchover is performed, the rpd crash might be observed on the
new primary Routing Engine, therefore there might be traffic impact. PR1589141
• BGP does per design take the delete of BGP literally and will force delete everything in BGP, which can
take time depending on the scale. The dependencies on other protocols within rpd as well as the policies
complexities. Reconfiguring BGP while the delete is ongoing is seen as a fresh start and we are not
making any effort into reusing what existed there. The benefit is that we are sure everything is built
from scratch and we are not left with a surprising state which may cause trouble later. The disadvantage
is that, it might take longer. Deactivate is a CLI way to delete something, but leave the configuration
visible to the user. Deleting BGP is a brute force removal of BGP without attempting to recover state if
the configuration is added. The only commitment BGP has that it works at the end, but noting about
the time it may take. deactivate/activate is not "simulating" a failure on the system as it is a forced delete.
"clear bgp neighbor all" or "flap the interfaces bgp is on" are better ways to do so, if the intend is to verify
a "big outage" is recovering in time. PR1605458
• When a user tries to deactivate the MPLS-related configuration, the commit fails on the backup Routing
Engine. PR1519367
• On Junos OS Evolved PTX Series devices, the firewall filter for both IPv4 and IPv6 does not work when
it is applied through apply-groups on the subinterface. PR1534858
Resolved Issues
IN THIS SECTION
Resolved Issues:20.4R1 | 20
Learn about the issues fixed in these releases for PTX Series routers.
For the most complete and latest information about known Junos OS Evolved defects, use the Juniper
Networks online Junos Problem Report Search application.
General Routing
• PTX10003-80C configuration archival might not work. PR1540843
• On PTX10003, GRE keepalive packet with recursion control bit set gets dropped. PR1602353
• The host loopback wedge might be detected in Packet Forwarding Engine when the aggregate Ethernet
bundle configuration is deleted. PR1605599
• The DNS lookup might fail on all Junos OS Evolved platforms. PR1607505
Infrastructure
• Malformed packets might be sent out on egress interfaces in Junos OS Evolved platform. PR1603783
General Routing
• EXP rewrite might not take effect on the exposed label during performing PHP. PR1538918
• Huge invalid statistics shown in show interface statistics when an interface is being removed and added
from the aggregated Ethernet bundle. PR1575623
• Traffic loss observed on global repair after disable of active path forcing FRR. PR1589803
• Duplicate Junos Telemetry Interface leaf oper-status tag for IFD index 16386 have mismatch value.
PR1592468
• After Routing Engine switchover, error messages associated: JexprSlowCntrRead - Unable to get the
plct Inst for pfeIdx: 255, User-type: OVFM_OFFCHIP_NEXTHOP_CNTR PR1593079
• Port mirroing instance down with mirrored output as tagged interface. PR1593079
• Load-balance might not take effect for the L2VPN traffic on the PTX10008 platforms. PR1593548
• On Junos OS Evolved platforms, type leaf value for FPC3:PIC0:PORT0:XcvrX displays XCVR as opposed
to TRANSCEIVER displayed in Junos OS.PR1595103
• Some TCP sessions might not be established after performing the request system snapshot command.
PR1595470
Infrastructure
• TCP server with low TCP MSS causes TCP session not to be established on Junos OS Evolved platforms.
PR1587748
• FTP IPv6 server function might fail on all Junos OS Evolved platforms. PR1591733
General Routing
• [Junos OS-Junos OS Evolved Changes] Utility: Differences in xml tags for show system virtual-memory
PR1438110
• PTX10008: No cmerror is raised for certain PIO errors when accessing the Packet Forwarding Engine
ASIC. PR1491130
• A set of info level orphan (no password entry) cron logs is displayed every 1 minute. PR1527266
• PTX10001-36MR :: - IP-IP: Routing Engine initiated traceroute packets are not using IP-IP encapsulation.
PR1545049
• The software rollback might not work correctly on Junos OS Evolved platforms. PR1556641
• Upgrade/downgrade: Serviceability: In case of upgrade failure, log files capturing upgrade fail reason do
not give meaningful information to the user. PR1556807
• PTX10008:Junos OS Evolved plugged-in FPCs are automatically turning into online state, post performing
switchover to primary. PR1557419
19
• [pfe] [pfe] PTX10008: Junos OS Evolved: Error messages are seen @Error] Jexpr: CoS Scheduler Express
Handle: Destructor: Interface Physical Handle is NULL. streamIndex:1147 schedNodeToken:4508 while
executing 2000 static SR-TE scale in PTX10008. PR1558328
• PTX10008: Unable to open user interface connection: management daemon not responding, unable to
go to edit or configuration mode. PR1559070
• The FPC might reboot in a high-scale configuration scenario on Junos OS Evolved PTX10008 platform.
PR1560757
• Traffic drop might be seen after Packet Forwarding Engine restart. PR1560901
• Timingd-lc errors CdaExprClient: grpc api call ExprServerInfoGet failed and CdaExprClient: Failed to
fetch server info error:5 are seen on all FPCs after restarting the router or FPC. PR1561362
• Complete ingress multicast traffic loss might be seen on interfaces that are flapped using Packet
Forwarding Engine offline or online command. PR1562452
• For topologies involving high ingress and transit LSP scale on the PTX10008 Junos OS Evlved platforms,
error messages can be seen in journalctl when tearing down the ingress and transit LSPs. This leads to
slow hardware resource leaks for the ASIC on chip memory associated with nexthops. PR1562503
• Improved request system software delete CLI command to add new option archived to delete all old
software versions except current and rollback. PR1566173
• Observed license-check core file on RE-1 during runtime removal of CB[0] SAM FPGA from the PCIe
device. PR1567066
• The Layer 2 Control Protocol (l2cpd) process might crash on Junos OS Evolved platforms with dual
Routing Engines. PR1580479
• [mpls] PTX10004 :: PTX10004 - after disable active path, forcing FRR, large traffic loss is seen. We also
see irp.core.trapcode.cfg_err counter increased. PR1582170
• The CLI command show chassis craft-interface does not show correct PSM LED status on PTX10008
Junos OS Evolved. PR1582444
• Major alarm application config-sync failure on the backup Routing Engine might be seen after USB
upgrade. PR1582717
• New primary might be struck with Switchover is in transition, Please wait after primary reboot test case
if the switchover happens back-to-back within 2-3 seconds. PR1583347
20
• SIB state might not be updated properly when it is physically removed from chassis during swo.
PR1584706
Infrastructure
• [mgd_infra] [mgdtag] : Junos OS Evolved-PTX10003 :: Default multicast ff00::/8 route not available,
while verifying IPv6 multicast routes. PR1563940
• Next-hop incorrectly associated with lo0 in forwarding-table when interface is configured as unnumbered.
PR1570918
• Toggle of the interface-specific field of filter already bound to the interface is not allowed. PR1571654
• shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or
directory. PR1549479
Resolved Issues:20.4R1
• any/any
PR1524259
21
• [cos] [scheduler] PTX10008 :: Junos OS Evolved CoS: The CoSd does not come up online hence
classifier/rewrite/scheduler functionalities are not working, after the ingress FPC4 restarts with 125%
over-subs traffic.PR1544531
• After commit a configuration, a Junos OS Evolved object might depend on other objects that do not
exist yet. PR1548014
Fault Management
• Cmerror of IGP UPS (Upstream) type causes a traffic impact which is seen on ZX ASIC (PTX10003).
PR1499291
General Routing
• LSP statistics CLI is slow in a scaled scenario during installation time. PR1416363
• On PTX10008 routers, the subsystem within the Packet Forwarding Engine continues to monitor the
ASIC for new interrupts even for the ASIC for which all the interfaces are disabled. On an ASIC that has
all the interfaces disabled due to a fatal error, all the new interrupts that are reported after the fatal
event should be ignored. PR1470391
• [cos] [scheduler] PTX10008:scheduler with all queues oversubscribed, maximum latency is different on
different queues - 21ms ~ 29ms. PR1478811
• Colored packets are not policed as expected due to policer inaccuracy for color-blind single-ratethree-color
policer at lower BW limits. PR1497856
• Junos OS Evolved versus Junos OS (serviceability) - Resilient hash seed configuration is not supported
in Junos OS Evolved Release on PTX10003 or PTX10008. PR1504461
• Junos OS Evolved- Aggregate Ethernet interfaces do not display member links' statistic. PR1505596
• Traffic flow might be blocked if MTU configured under IFD is greater than MTU configured under IFF.
PR1505769
• The evo-aftmand process might be stuck at 100% CPU usage in a scaled setup. PR1511597
• Firewalld generates a core file after deleting and adding the filter back in single commit. PR1512065
• When all the 4x400G and 4x100G of PFE0 ports are used inside one portion of the chip, there can be
impact on the traffic throughput performance. PR1518368
• With traffic running, if the FPC that is connected to the traffic generator reboots, it might lead to a stuck
traffic scenario on certain ports post resumption. PR1523066
• Junos OS Evolved:PTX10008: observing reboot delay in software add reboot, rollback reboot commands.
PR1525286
• Hwdre generates a core file when trying to take a faulty SIB to the offline state. PR1527790
22
• Host path corruption might be observed after output filters are configured on some Junos OS Evolved
devices. PR1528368
• The FPC does not boot if the primary BIOS is corrupted (with FPC primary BIOS corruption golden BIOS
failed to reprogram primary). PR1528469
• PTX10008 - FPC reboots if DDoS violations are seen during FPC restart. PR1529847
• On Junos OS a few IPsec-related commands are removed on limited image on limited SKU. PR1530021
• PTX10001-36MR :: When the fabric hub process is restarted with the blackhole detection disable and
fabric degrade detection enable configuration, it might result in traffic loss.PR1530484
• show pfe statistics error should print counters for meaningful errors. PR1530710
• Traffic loss might happen after performing GRES in the Junos OS Evolved enabled chassis-based systems.
PR1532446
• SNMP does not send a response when requested with partial FRU information on certain PTX Series
platforms running Junos Evolved.
• PTX10008 : Multicast - After FPC restart observing both traffic flood and loss toward downstream
aggregated Ethernet receiver interfaces. PR1535545
• show version and show version detail missing a few tags on Junos OS Evolved compared to Junos OS.
PR1536027
• Physical interface does not come back to up state after configuration changes at the peer end. PR1536270
• The cosd might crash when multiple configuration changes are made in a single commit. PR1536320
• The show chassis environment command reports some ZF internal temperatures as 0 degrees C.
PR1536497
• The protocol LLDP might not be enabled after loading the factory-default configuration. PR1536531
• Duplicate code point bits/code point alias should not be allowed and commit error should be thrown,
due to missing commit check, cosd cores. PR1537289
• Dependency-state details for the type net::juniper::hwd::fruHwStatus are seen after hwdfpc app restarts
with LSR core file profile configuration. PR1537409
• On a PTX10008 running Junos OS Evolved, running PIM Dense Mode (DM) might cause an FPC to
restart unexpectedly. PR1537700
• [interface] PTX10001-36MR: Interface not coming up after enabling and disabling local loopback
configuration. PR1538393
• Next-hop addCollision errors are seen with scaled multicast routes. PR1538849
23
• On re0 cli node reboot, rpd is unable to connect to snmpd and hence we see scheduler slips in rpd and
protocol sessions flap. PR1539705
• On PTX10001-36MR on ports et-0/1/2 and et-0/2/2, Channel 1 does not come up on channelizing
100-Gbps to 2x50-Gbps speed.. PR1539795
• On PTX10001-36MR ping fails on all channels when some ports with 400GbE DAC are channelized to
8x25GbE and 8x50GbE. PR1539859
• On PTX10001-36MR traffic might not flow through channels 2 and 3 of some ports with 40G optics
that are channelizing to 4x10GbE. PR1539864
• PTX10008 : Multicast traffic silent packet drop on downstream adjacent node seen for ~5-6 seconds
as dlu.ucode.inv_start_pc trap after aggregated Ethernet member link delete / add on PTX10008 node.
PR1539912
• PTX10003: Multicast traffic drops after port is converted from trunk to access for a Layer 2 bridging
case. Unicast and broadcast traffic are not affected. PR1540495
• PTX10008: 'SIB 0 ZF0 internal temp' sensor normal fan speed temperature threshold is set to 0.
PR1540576
• PTX10008: Component Upgrade: Software rollback timed out when moving from image based on Junos
OS Evolved Release 20.3R1 (mod in some apps) to Junos OS Evolved Release 20.3R1-202009111855.0
same image. PR1541509
• [cos] [scheduler] : PTX10008 : Junos OS Evolved CoS: The show interfaces voq ae2 non-zero does not
display the non-zero queue statistics, whereas the other aggregated Ethernet bundle ae1 displays it
correctly (both ae1 and ae2 has 4 x 400G member links each from the same BT chip). PR1543034
• [fabric] [fabrictag] PTX10008 : Junos OS Evolved picd generates a core file (unable to decode it on
ttsv-shell server ) during load baseline configuration and 400g MPLS loopback configuration back and
forth several times. PR1543045
• Any modification made in the middle of existing firewall filter might lead to all host-bound traffic getting
discarded. PR1544502
• When filter applied on Routing Engine management and deactivated, filter behavior is unchanged after
deactivation. PR1553791
• The software rollback might not work correctly on Junos OS Evolved platforms. PR1556641
• The device might not boot up after performing the cleanup operation. PR1557020
24
• PTX10008:Junos OS Evolved Plugged-in FPCs are automatically turning into online state, post performing
mastership switchover. PR1557419
• PTX10008 PDT: could not open user interface connection: management daemon not responding, unable
to go to edit/configuration mode. PR1559070
Infrastructure
• Launching the CLI produces a syslog notice.PR1553897
• [Junos OS Evolved] [PTX10008] ALB scan-interval configuration not taking effect. PR1538854
• FTI tunnel commit fails for MTU change on its family (inet, inet6). PR1540431
• CLI command show interface descriptions does not show Link and Admin status of the logical interfaces
in routers running affected Junos OS Evolved release. PR1545787
• FTI:IP in IP tunneling: SNMP: ifMtu is wrong in snmp mib walk against fti0 interface.PR1549220
• Firewall: Use of filter configured without address-family as nested filter causes configuration commit to
fail. PR1552641
• Junos OS Evolved- changing the interface-specific field of the referenced filter in a single commit is not
supported. PR1556982
Routing Protocols
• The rpd might crash after reboot when MSDP is configured. PR1536593
• Remove support for CLI ping command vpn-interface attribute for Junos OS Evolved. PR1533805
25
IN THIS SECTION
What's New | 25
What's Changed | 30
Known Limitations | 34
Open Issues | 34
Resolved Issues | 36
These release notes accompany Junos OS Evolved Release 20.4R3 for QFX5130-32CD, QFX5220-32CD
and QFX5220-128C Switches. They describe new and changed features, limitations, and known and
resolved problems in the hardware and software.
What's New
IN THIS SECTION
Learn about new features introduced in these releases for QFX Series switches.
There are no new features or enhancements to existing features in Junos OS Release 20.4R3 QFX Series
switches.
26
There are no new features or enhancements to existing features in Junos OS Release 20.4R2 QFX Series
switches.
Hardware
• Support for optical interfaces and transceivers (QFX5130-32CD)—Starting in Junos OS Evolved Release
20.4R1, optical interfaces and transceivers are supported on the QFX5130-32CD switches.
The infrastructure service APIs are implemented by the infrastructure services process (iesd). The APIs
can extract:
• Application-specific data
• Support for Juniper Extension Toolkit (JET) versioning service APIs (PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220)—Starting in Junos OS Evolved Release 20.4R1,
JET supports the following service APIs that pull the versioning information from the IDL files of JET
APIs. You can use this information for automation, such as to programmatically determine the compatibility
of the deployed network elements and the remote procedure calls (RPCs).
• JunosVersionRequest: Gets Junos OS Release number, gRPC version, and protobuf version.
• Sensor for physical interface traffic except queue statistics (resource path /junos/system/linecard/
interface/traffic/)
[See Understanding OpenConfig and gRPC and gNMI on Junos Telemetry Interface and Guidelines for
gRPC and gNMI Sensors (Junos Telemetry Interface).]
MPLS
• New output fields added in the show path-computation-client lsp extensive command (PTX Series and
QFX Series)—Starting in Junos OS Evolved Release 20.4R1, you’ll see association details such as
Association type, ID, and source in the output of the show path-computation-client lsp command when
you use the command with the extensive option.
Multicast
• Support for multicast forwarding (QFX5130-32CD)—Starting with Release 20.4R1, Junos OS Evolved
supports the following multicast features for device as last-hop router (LHR):
28
Support does not extend to L3 multicast features beyond those listed above. That is, in this release,
IGMP snooping, MLD snooping, MSDP, MVPN, PIM-Bidir, PIM MoFRR, PIM first-hop router (FHR), and
rendezvous point (RP) are not supported.
In addition, IRB interface is not supported as either a source or a receiver, and make-before-break (MBB)
is not supported for existing L3 aggregated Ethernet (ae) receivers (member additions and deletions or
ups and downs).
• IGMP snooping support (QFX5130-32CD)—Starting with Junos OS Evolved Release 20.4R1, you can
configure IGMP snooping with IGMPv1, IGMPv2, and IGMPv3 in any-source multicast (ASM) and
source-specific multicast (SSM) modes.
• IGMP snooping in proxy mode, in EVPN-VXLAN or EVPN-MPLS networks, or with IRB interfaces.
• Make-before-break (MBB) link redistribution for multicast receivers on existing Layer 2 aggregated
Ethernet (ae) interfaces, including for member additions or deletions and link up or down events.
Other limitations:
• Devices receiving IGMP group-specific queries on multicast router interfaces forward those queries
to all other interfaces in the VLAN.
• Devices forward all unregistered IPv4 and IPv6 multicast packets to the multicast router interfaces in
the VLAN even if you configured an interface as a multicast router interface only for IGMP snooping.
identifier for the comparison configuration. The <get-configuration> operation supports the
compare="configuration-revision" and configuration-revision attributes to perform the comparison.
• Configuration retrieval using the configuration revision identifier (PTX10003, PTX10008, and
QFX5220)—Starting in Junos OS Evolved Release 20.4R1, you can use the configuration revision identifier
feature to view the configuration for a specific revision. This feature creates a unique configuration
database revision with every successful configuration commit operation. This configuration database
revision can be viewed with the CLI command show system configuration revision.
Routing Protocols
• VRRP PFE support (QFX5130-32CD, QFX5220)—Starting in Junos OS Evolved Release 20.4R1,
QFX5130-32CD and QFX5220 switches support VRRP. This VRRP implementation does not support
delegation, ISSU, ProxyArp, VLAN dual-tagging, or MC-LAG interfaces.
System Management
• PTP enterprise profile (QFX5220-128C)—Starting in Junos OS Evolved Release 20.4R1, we support the
Precision Time Protocol (PTP) enterprise profile, which is based on PTP version 2 (PTPv2). The PTP
enterprise profile enables the enterprise and financial markets to add a timestamp to the operations of
different systems and to handle a range of latencies and delays.
You can enable the PTP enterprise profile at the [edit protocols ptp profile-type] hierarchy level.
• PTP media profiles (QFX5220-32CD and QFX5220-128C)—Starting in Junos OS Evolved Release 20.4R1,
you can configure the following Precision Time Protocol (PTP) media profile types:
• SMPTE profile
• AES67 profile
You can enable the PTP media profiles at the [edit protocols ptp profile-type] hierarchy level.
What's Changed
IN THIS SECTION
• Community information no longer included in VRF routing table— The QFX series switches no longer
include the inherited advertised route target communities, EVPN extended communities, or vxlan
encapsulation communities for EVPN Type 2 and EVPN Type 5 routes when an IP host is added in the
VRF routing table.
General Routing
• Enhancement to the show interfaces (Aggregated Ethernet) command (PTX Series and QFX
Series)—When you run the show interfaces extensive command for Aggregated Ethernet interfaces,
you can now view following additional fields for MAC statistics : Receive, Transmit, Broadcast and
Multicast packets.
General Routing
• SSH session connection attempt limits and connection limits (PTX Series and QFX Series)—We have
introduced SSH connection-limit and rate-limit options at the set system services ssh hierarchy levels
to enable SSH connection limit and rate limit per connection. The default connection limit value is 75
connections and there is no default value associated with rate limit.
• The jcs:invoke() function supports suppression of root login and logout events in system log files for
SLAX event scripts (PTX Series and QFX Series)—The jcs:invoke() extension function supports the
no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not
generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root
to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves
as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included
in system log files.
Software Licensing
• License key format (PTX10003-160C, PTX10003-80C, QFX5220-32CD, QFX5220-128C)—When you
are upgrading from Junos OS Evolved Release 20.4R1 to Junos OS Evolved Release 20.4R2 or later
releases, you need new license keys to use the features on the listed devices. Contact Customer Care
to exchange license keys for Junos OS Evolved Release 20.4R2 or later.
EVPN
• New output flag for the show bridge mac-ip table command—The Layer 2 address learning daemon
does not send updated MAC and IP Address advertisements to the Routing Protocol daemon when an
IRB interface is disabled in an EVPN-VXLAN network. Junos has added the NAD flag in the output of
the show bridge mac-ip-table command to identify the disabled IRB entries where the MAC and IP
address advertisement will not be sent.
• Updated XML output for show evpn p2mp—Starting with this release, when you pipe the output of the
show evpn p2mp command to the display xml option, Junos OS now returns an XML output with a
subtree structure for each neighbor. Prior to this release, the display XML returns an XML output with
all the neighbors under one tree structure.
33
General Routing
• Inet6 is disabled in VT interface (QFX5130-32CD and QFX5220)—Starting in this release, the inet6
statement at the [edit interfaces vt-interface-number unit unit-number family] hierarchy level is disabled.
Layer 2 Features
• New commit check for MC-LAG (QFX Series)—We've introduced a new commit check to check the
values assigned to the redundancy group identification number on the MC-AE interface (
redundancy-group-id ) and ICCP peer (redundancy-group-id-list ) when you configure multichassis
aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In
previous releases, if the configured values were different, the l2ald process would crash.
MPLS
• The show mpls lsp extensivel and show mpls lsp detail commands display next hop gateway LSPid—
When you use the show mpls lsp extensivel and show mpls lsp detail commands, you'll see next hop
gateway LSPid in the output as well.
• Disable back-off behavior on PSB2 (PTX Series and QFX Series)— We've introduced the cspf-backoff-time
statement globally for MPLS and LSP to delay the CSPF by configured number of seconds, on receiving
bandwidth unavailable PathErr on PSB2. If the configured value is zero, then the CSPF starts immediately
for PSB2, when bandwidth-unavailable PathErr is received. If the statement is not configured, the default
exponential back-off occurs.
[See cspf-backoff-time..]
• New TLV types and TLV type values in output field (PTX10001-36MR, PTX10003, PTX10004,
PTX10008, QFX5130-32CD, and QFX5220)—We've introduced TLV SR policy identifier, TLV SR
candidate path identifier, and TLV SR preference fields in the output for the show path-computation-client
tlv-types command. These new output fields help you in easily fetching the TLV type values used by
PCCD irrespective of whether the type values are experimental or standardized.
34
Routing Protocols
• Loading of the default configurations in a RIFT package causes the following changes:
1. Output of the show rift node status command displays the node ID in hexadecimal number even
though the node ID is configured in decimal, hexadecimal, or octal number.
2. Some of the DDoS default configurations change because of the DDoS protection interferes with
the RIFT BFD operation.
[See export-format.]
Known Limitations
There are no known limitations in hardware and software in this release for QFX Series switches..
Open Issues
IN THIS SECTION
General Routing | 35
Layer 2 Features | 36
Routing Protocols | 36
35
Learn about open issues in this release for QFX Series switches. For the most complete and latest
information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem
Report Search application.
General Routing
• On Junos OS Evolved platforms when the NDP Neighbor Discovery Protocol (NDP) entries are scaled
to 32,000 over IRB in one shot, the NDP process might reach 100% CPU utilization, and unicast nexthops
for all the 32,000 entries might not be present. This results in traffic drops for entries for which unicast
nexthop is not present. PR1551644
• In the latest Junos OS Evolved 21.1R1 release, regression script might trigger PTP BC of QFX5220-32CD
platform run into freerun state (expected Phasee aligned). The following configuration sequence can
potentially trigger the issue: As a key workaround, do not commit seperately and commit only once.
PR1604699
As a workaround to avoid this happening in the release, perform the following configuration sequence:
3. Commit.
36
Layer 2 Features
• It is observed rarely that issuing request system zeroize does not trigger zero-touch provisioning. As a
workaround, re-initiate the ZTP. PR1529246
Routing Protocols
• On QFX5130-32CD and QFX5220 Virtual Chassis or Virtual Chassis fabric, when the mini-PDT-base
configuration is issued, the following error message is seen in the hardware:
BRCM_NH-,brcm_nh_bdvlan_ucast_uninstall(), 128:l3 nh 6594 unintsall failed. There is no functionality
impact because of this error message. PR1407175
Resolved Issues
IN THIS SECTION
Learn about the issues fixed in these releases for QFX Series switches.
For the most complete and latest information about known Junos OS Evolved defects, use the Juniper
online Junos Problem Report Search application.
There are no resolved issues in this release for QFX Series switches..
General Routing
• On QFX5130 and QFX5220, object anomalies are seen with PTP TC configuration. PR1577375
37
• Routing Engine policing status is updated correctly in the ddos-protection show command outputs.
PR1588556
• Port mirroing instance down with mirrored output as tagged interface. PR1593276
General Routing
• Utility: Differences in xml tags for show system virtual-memory are seen. PR1438110
• On QFX5130-32CD, the dscp action configured in firewall filter does not work and does not rewrite
the dscp bits. PR1514580
• Ingress policer scale is limited to 128 due to a known issue in the Junos OS Evolved Release 20.3R1.
PR1525525
• The egress firewall filter might not work as expected on QFX5130 platforms. PR1536550
• The software rollback might not work correctly on Junos OS Evolved platforms. PR1556641
• The BGP sessions might intermittently flap if the egress sFlow sampling is enabled at a high sampling
rate. PR1571636
DHCP
• DHCP Relay option-82, option code 53 check failed in jdhcpd trace logs. PR1498978
System Management
• QFX5220 does not support the following matches, which were supported on QFX5200: first-fragment,
tcp-established, Is-fragment, and hop-limit. PR1499009
• The evo-aftmand process might be stuck at 100% CPU usage in a scaled setup. PR1511597
• In QFX5130-32CD, when a policer is configured as an action for a loopback filter, it does not take effect.
PR1514601
38
• On the QFX5130-32CD platform, when the management port speed is configured to 100 Mbps, the
port's status LED does not light up. However, the port forwards traffic normally. PR1521510
• On the QFX5130-32CD platform, the ERSPAN status continues to show status as "Up" even when the
destination IP address is unreachable. PR1527505
• QFX5130-32CD: In LPM and default UFT profile, MAC addresses are learnt more than 32,000 in Routing
Engine. PR1528508
• 160,000 MAC flushing with traffic running, takes close to 35 minutes after clear ethernet-switching
table, without traffic flushed in 3-4 minutes. PR1528511
• On the QFX5130-32CD platform, the CLI option to configure a range of VLANs as the input for the
analyzer is not supported in this release. PR1529419
• The cosd might crash when multiple configuration changes are made in a single commit. PR1536320
• The protocol LLDP might not be enabled after factory default. PR1536531
• Egress RACL is not programmed as expected when an ERACL with 1000 terms is attached to more than
one interface. PR1536550
• With port mirror, the evo-pfemand might restart unexpectedly on QFX Series platform running Junos
OS Evolved. PR1538626
39
1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper
Networks webpage:
https://www.juniper.net/support/downloads/
2. In the Find a Product box, enter the Junos OS platform for the software that you want to download.
4. Select the relevant release number from the Version drop-down list.
5. In the Install Package section, select the software package for the release.
6. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by a Juniper Networks representative.
NOTE: We don't recommend that you download the Services Profile 1 image to use the lean
rpd profile. We will deprecate this image in Junos OS Evolved 21.4R1. For more information
about the types of Junos OS Evolved installation package prefixes, see Junos OS Evolved
Installation Packages.
9. Copy the software to the device or to your internal software distribution site.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
40
For more information about software installation and upgrade, see Software Installation and Upgrade
Overview.
For more information about EOL releases and to review a list of EOL releases, see
https://support.juniper.net/support/eol/software/junosevo/.
41
Licensing
Starting in 2020, Juniper Networks introduced a new software licensing model. The Juniper Flex Program
comprises a framework, a set of policies, and various tools that help unify and thereby simplify the multiple
product-driven licensing and packaging approaches that we’ve developed at Juniper Networks over the
past several years.
• A focus on customer segments (enterprise, service provider, and cloud) and use cases for Juniper Networks
hardware and software products.
• The introduction of a common three-tiered model (standard, advanced, and premium) for all Juniper
Networks software products.
• The introduction of subscription licenses and subscription portability for all Juniper Networks products,
including Junos OS and Contrail.
For information about the list of supported products, see Juniper Flex Program.
Learn about more information on Junos OS Evolved and other Juniper products.
• Feature Explorer—Juniper Networks Feature Explorer helps you in exploring software feature information
to find the right software release and product for your network.
https://apps.juniper.net/feature-explorer/
• PR Search Tool—Keep track of the latest and additional information about Junos OS Evolved open
defects and issues resolved. prsearch.juniper.net
• Hardware Compatibility Tool—Determine optical interfaces and transceivers supported across all
platforms. apps.juniper.net/hct/home
NOTE: To obtain information about the components that are supported on the devices, and
the special compatibility guidelines with the release, see the Hardware Guide for the product.
Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can improve the
documentation. You can provide feedback by using either of the following methods:
• Online feedback system—Click TechLibrary Feedback, on the lower right of any page on the Juniper
Networks TechLibrary site, and do one of the following:
• Click the thumbs-up icon if the information on the page was helpful to you.
• Click the thumbs-down icon if the information on the page was not helpful to you or if you have
suggestions for improvement, and use the pop-up form to provide feedback.
Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC).
If you are a customer with an active J-Care or Partner Support Service support contract, or are covered
under warranty, and need post-sales technical support, you can access our tools and resources online or
open a case with JTAC.
• JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User
Guide located at https://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.
• JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week,
365 days a year.
For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called
the Customer Support Center (CSC) that provides you with the following features:
• Find solutions and answer questions using our Knowledge Base: https://kb.juniper.net/
To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool:
https://entitlementsearch.juniper.net/entitlementsearch/
44
You can create a service request with JTAC on the Web or by telephone.
• Visit https://myjuniper.juniper.net.
Revision History
7 October 2021—Revision 2, Junos OS Evolved Release 20.4R3 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
16 September 2021—Revision 1, Junos OS Evolved Release 20.4R3 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
12 August 2021—Revision 5, Junos OS Evolved Release 20.4R2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
16 July 2021—Revision 4, Junos OS Evolved Release 20.4R2-S2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
8 July 2021—Revision 1, Junos OS Evolved Release 20.4R2-S2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
25 May 2021—Revision 3, Junos OS Evolved Release 20.4R2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
18 May 2021—Revision 2, Junos OS Evolved Release 20.4R2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
7 May 2021—Revision 1, Junos OS Evolved Release 20.4R2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
10 May 2021—Revision 1, Junos OS Evolved Release 20.4R2 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
12 April 2021—Revision 4, Junos OS Evolved Release 20.4R1 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
18 March 2021—Revision 3, Junos OS Evolved Release 20.4R1 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
45
19 February 2021—Revision 2, Junos OS Evolved Release 20.4R1 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
22 December 2020—Revision 1, Junos OS Evolved Release 20.4R1 for the PTX10001-36MR, PTX10003,
PTX10004, PTX10008, QFX5130-32CD, and QFX5220 Devices.
Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc.
and/or its affiliates in the United States and other countries. All other trademarks may be property of their respective
owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right
to change, modify, transfer, or otherwise revise this publication without notice.