Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Table of Contents
Navigation  Back up to About Overview 
ContentIndex
 
[+] Expand All
[-] Collapse All

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 13.2R8 for the M Series, MX Series, and T Series.

Class of Service (CoS)

  • Regular expression (M, Series, MX Series, and T Series)—In all supported Junos OS releases, regular expressions can no longer be configured if they require more than 64 MB of memory or more than 256 recursions for parsing.

    This change in the behavior of Junos OS is in line with the Free BSD limit. The change was made in response to a known consumption vulnerability that allows an attacker to cause a denial of service (resource exhaustion) attack by using regular expressions containing adjacent repetition operators or adjacent bounded repetitions. Junos OS uses regular expressions in several places within the CLI. Exploitation of this vulnerability can cause the Routing Engine to crash, leading to a partial denial of service. Repeated exploitation can result in an extended partial outage of services provided by the routing protocol process (rpd).

  • Rate-limit fields are displayed even when rate limiting is not configured—Starting in Junos OS Release 13.2, you can issue the show interfaces queue interface-name command to view the number of packets dropped at an interface. The output of the show interfaces queue interface-name command always displays the rate-limit counter fields whether or not rate limiting is configured on the queue. Rate-limit counters are displayed in two columns. The first column is the consolidated count of the packets dropped, and the second column is the real-time count of the packets dropped. Rate-limit packet drop counters display the value 0 when rate limiting is not configured on the queue or when the queue does not have rate-limit packet drops even with rate limiting configured.

    Rate-limit packet drop counters display meaningful values in both columns when the queue has rate-limit packet drops. However, when rate limiting is not happening in real time but has occurred earlier, the first column displays the consolidated count and the second column displays the value 0. You can clear the packet drop statistics by using the clear interface statistics interface-name command.

Dynamic Host Configuration Protocol (DHCP)

  • DHCP client IP address (MX Series)—Starting in Junos OS Release 12.2, you can configure the subnet to which the DHCP local server matches the requested IP address. The server accepts and uses an active client’s requested IP address to address assignment only when the requested address and the IP address of the DHCP server interface are in the same subnet. The server accepts and uses a passive client’s requested IP address only when the requested address and the IP address of the relay interface are in the same subnet.

High Availability (HA) and Resiliency

  • Change in behavior of request system reboot command for MX Series Virtual Chassis (MX Series routers with MPC/MIC interfaces)—Starting in Junos OS Release 12.3R3, the behavior of the request system reboot command has been changed when used with an MX Series Virtual Chassis. To reboot both Routing Engines in each member router of the Virtual Chassis, you can now use any of the following commands:
    • request system reboot
    • request system reboot all-members
    • request system reboot all-members both-routing-engines

    In Junos OS Release 12.2R2 and earlier releases, the request system reboot command rebooted only the master Routing Engine in each member router in the MX Series Virtual Chassis.

    [See request system reboot.]

  • Configuration support to prevent the LACP MC-LAG system ID from reverting to the default LACP system ID on ICCP failure—Starting in Junos OS Release 13.2, you can configure the prefer-status-control-active statement with the status-control standby configuration at the [edit interfaces aeX aggregated-ether-options mc-ae hierarchy level to prevent the LACP MC-LAG system ID from reverting to the default LACP system ID on ICCP failure. Use this configuration only if you can ensure that ICCP does not go down unless the router is down. You must also configure the hold-time down value (at the [edit interfaces interface-name] hierarchy level) for the interchassis link with the status-control standby configuration to be higher than the ICCP BFD timeout. This configuration prevents traffic loss by ensuring that when the router with the status-control active configuration goes down, the router with the status-control standby configuration does not go into standby mode.

    To make the prefer-status-control-active configuration work with the status-control standby configuration when an interchassis-link logical interface is configured, you must either configure the lacp periodic interval statement at the [edit interface interface-name aggregated-ether-options] hierarchy level as slow or configure the detection-time threshold statement at the [edit protocols iccp liveness-detection] hierarchy level as less than 3 seconds.

    [See mc-ae.]

Interfaces and Chassis

  • Display of effective shaping rate (M Series, MX Series, and T Series)—In Junos OS Release 13.2R3, the output of the show subscribers extensive command displays the Effective shaping-rate field only if you have enabled the effective shaping rate at the [edit chassis] hierarchy level.

    [See show subscribers.]

  • Inline port mirroring does not work (MX104)—In Junos OS 13.2R2 release, freshly configured inline port mirroring does not work. As a workaround, perform one of the following steps:
    • Restart the compact Forwarding Engine Board (AFEB) by using the request chassis afeb restart command.

      Note: This command impacts traffic and other services running on the router and should be used with caution.

    • Restart the chassis-control daemon by using the restart chassis-control restart command.

      Note: If GRES is not enabled on the router, this command impacts services and causes loss in traffic. If GRES is enabled, then this command has no impact on traffic. This command should be used with caution.

  • Support for MS-MIC on MPC-Type3—Starting with Junos OS Release 13.2R2, the Multiservices Modular Interfaces Card (MS-MIC) can be installed on an MPC-Type3 line card, in addition to an MPC-Type1 and an MPC-Type2 line card.
  • Display of Layer 2 overhead accounting capability at the PIC level (MX Series)—Beginning with Junos OS Release 13.2, the output of the show chassis pic fpc-slot slot-number pic-slot slot-number command has been enhanced to include the Account Layer2 Overhead field. This field indicates whether the functionality to count the Layer 2 overhead bytes in the interface statistics at the PIC level is enabled or disabled.

    [See CLI Explorer.]

  • Traffic drop observed when interface flapping occurs—Starting in Junos OS Release 13.2, for ATM interfaces with atm-ccc-cell-relay, atm-ccc-vc-mux, and atm-vc-mux encapsulation types configured, traffic drop is observed when interface flapping occurs as a result of the disabling of the interface or the deactivation, deletion, or changing of the corresponding Layer 2 circuit or Layer 2 VPN. This problem occurs with 16-port Channelized E1/T1 Circuit Emulation MICs on MX Series routers. As a workaround, you must stop the traffic on the Layer 2 circuit before configuring the interface, Layer 2 circuit, or Layer 2 VPN.

    [See 16-Port Channelized E1/T1 Circuit Emulation MIC Overview.]

  • Display an alarm in the show chassis alarm command output (M Series, MX Series, and T Series)—Starting with Junos OS Release 13.2, you can enable the slow-pfe-alarm statement at the [edit chassis] hierarchy level on an M Series, MX Series, or T Series router to display an alarm in the show chassis alarms command output (and also append the alarm to the system log messages file) when the Packet Forwarding Engine resource acknowledgment is not received by the Routing Engine within a predetermined time of 360 seconds.

    [See Configuring Slow Packet Forwarding Engine Alarm.]

  • Change in message-rate-limit range—Starting in Junos OS Release 13.2, the message-rate-limit range is 0 through 2147483647. Prior to Junos OS Release 13.2, the range was 0 through 4294967295.
    [interfaces interface-name services-option syslog]message-rate-limit messages-per-second
  • The LIST DTCP now displays the option Flags as BOTH in addition to the existing options.
  • Changes to DDoS protection policers for PIM and PIMv6 (MX Series with MPCs, T4000 with FPC5)—Starting in Junos OS Release 13.2R4, the default values for bandwidth and burst limits have been reduced for PIM and PIMv6 aggregate policers to prevent starvation of OSPF and other protocols in the presence of high-rate PIM activity.

    Policer Limit

    New Value

    Old Value

    Bandwidth (pps)

    8000

    20,000

    Burst (pps)

    16,000

    20,000

    To see the default and modified values for DDoS protection packet-type policers, issue one of the following commands:

    • show ddos-protection protocols parameters brief—Displays all packet-type policers.
    • show ddos-protection protocols protocol-group parameters brief—Displays only packet-type policers with the specified protocol group.

    An asterisk (*) indicates that a value has been modified from the default.

  • Deleting PTP clock client (MX104)—Starting with Junos OS Release 13.2, on MX104 routers, when you toggle from a secure slave to an automatic slave or vice versa in the configuration of a Precision Timing Protocol (PTP) boundary clock, you must first delete the existing PTP clock client or slave clock settings and then commit the configuration. You can delete the existing PTP clock client or slave clock settings by using the delete clock-client ip-address local-ip-address local-ip-address statement at the [edit protocols ptp master interface interface-name unicast-mode] hierarchy level. You can then add a new clock client configuration by using the set clock-client ip-address local-ip-address local-ip-address statement at the [edit protocols ptp master interface interface-name unicast-mode] hierarchy level and committing the configuration. However, if you attempt to delete the existing PTP clock client and add the new clock client before committing the configuration, the PTP slave clock remains in the free-run state and does not operate in the auto-select state (to select the best clock source). This behavior is expected when PTP client or slave settings are modified.
  • Restrictions for maximum blocksize for NAT port block allocation—The maximum blocksize for NAT port block allocation (PBA) is now 32,000.
  • Preventing the filtering of packets by ARP policers (MX Series)—You can configure the router to disable the processing of the specified ARP policers on the received ARP packets. Disabling ARP policers can cause denial-of-service (DoS) attacks on the system. Due to this possibility, we recommend that you exercise caution while disabling ARP policers. To prevent the processing of ARP policers on the arriving ARP packets, include the disable-arp-policer statement at the [edit interfaces interface-name unit logical-unit-number family inet policer] or the [edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family inet policer] hierarchy level. You can configure this statement only for interfaces with inet address families and on MX Series routers with MPCs. When you disable ARP policers per interface, the packets continue to be policed by the distributed DoS (DDoS) ARP policer. The maximum rate of is 10,000 pps per FPC.

    [Network Interfaces, Protocol Family and Interface Address Properties]

Layer 2 Features

  • Layer 2 port mirroring (MX Series routers with MPCs)—Starting in Junos OS Release 13.2, you can enable Layer 2 port mirroring of host-generated outbound packets only on MPCs on MX Series routers.
  • Support for mirroring an entire Layer 2 packet at egress and ingress interfaces (MX Series routers with MPCs)—Port mirroring copies packets entering or exiting an interface and sends copies to the local interface for local monitoring. On a router running Junos OS, if port mirroring is required for Layer 3 packets, then the family inet must be configured on either the egress or the ingress interface. This configuration can mirror only Layer 3 packets. Similarly, for Layer 2 packets, you must configure the family bridge or the family vpls at either egress or ingress.

    For bridging domains with VLAN identifiers configured as integrated routing and bridging (IRB) interfaces, the port mirroring functionality tied to a specific family limits the processing of Layer 2 packets. This is because IRB is configured to process Layer 3 packets and thereby supports only the family inet.

    To capture an entire Layer 2 packet at any interface within a network, beginning with Junos OS Release 13.2, you can configure family any on either the egress or ingress interface that is configured for port mirroring. To configure port mirroring parameters for the family any, configure the following statements at the [edit forwarding-options port-mirroring] hierarchy level:

    family any {output {(next-hop-group group-name | interface interface-name);}}

    You can run a similar configuration at the [edit forwaring-options port-mirroring instance instance-name] hierarchy level to configure port mirroring parameters for a port mirroring instance in the family any.

    [See Configuring Protocol-Independent Firewall Filter for Port Mirroring.]

  • Support for VLAN ID none configuration for MC-LAG bridge domains in active-active mode (MX Series)—To facilitate forwarding and media access control (MAC) and Address Resolution Protocol (ARP) synchronization among multichassis link aggregation (MC-LAG) peers when the VLAN identifier is none, in Junos OS Release 13.2 and later, you must configure a service identifier within bridge domains in active-active mode.

    To configure a service identifier for a bridge domain, configure the service-id statement at the [edit bridge domain bridge-domain-name] hierarchy level. You must configure the same service identifier for MC-LAG peers.

    [See Configuring Integrated Routing and Bridging for Bridge Domains.]

MPLS

  • Enhanced support for GRE interfaces for GMPLS (MX Series)—Starting in Junos OS Release 12.3R7, on GRE interfaces for Generalized MPLS control channels, you can enable the inner IP header’s ToS bits to be copied to the outer IP packet header. Include the copy-tos-to-outer-ip-header statement at the [edit interfaces gre unit logical-unit-number] hierarchy level. Previously, the copy-tos-to-outer-ip-header statement was supported for GRE tunnel interfaces only.

    [See copy-tos-to-outer-ip-header.]

Multicast

  • PIM snooping support using relay mode (M Series and MX Series)—Starting with Junos OS Release 13.2, PIM snooping on PE routers is supported using relay mode instead of proxy mode. This enables CE routers with PIM snooping to send Hello packets without setting the tracking bit (T-bit) to the PE routers. In relay mode, you do not need to configure values for the join-prune-timeout statement and save the Finite State Machine. To check the status of relay mode on the CLI, use the show pim snooping neighbors command or the show pim snooping interfaces command.

Network Address Translation (NAT)

  • New method for computing block size for NAPT deterministic port block allocation (M Series, MX Series, and T Series)—The method for computing the block size for deterministic port block allocation for Network Port Translation (NAPT) when the configured block size is zero has changed, and is computed as follows:

    block-size = int(64512/ceil[(Nr_Addr_PR_Prefix/Nr_Addr_PU_Prefix)])

    where:

    64512 is the maximum available port range per public IP address.

    Nr_Addr_PR_Prefix is the number of usable pre-NAT IPv4 subscriber addresses in a from clause match condition.

    Nr_Addr_PU_Prefix is the number of usable post-NAT IPv4 addresses configured in the NAT pool.

  • Support for NAT rule translation of boundary addresses in the source address range of a NAT pool (MX Series)—Starting in Junos OS Release 13.2, the include-boundary-addresses statement is available when deterministic-port-block-allocation is used in a NAT pool as follows:
    [edit services nat pool pool-name]user@host# set port deterministic-port-block-allocation block-size block-size include-boundary-addresses

    Including include-boundary-addresses causes the lowest and highest addresses in the source address range of a NAT rule to be translated when the NAT pool is used. Prior to Junos OS Release 13.2, the lowest and highest addresses were not translated.

Network Management and Monitoring

  • New system log message indicating the difference in the Packet Forwarding Engine counter value (M Series, MX Series, and T Series)—Effective in Junos OS Release 13.2R6, if the counter value of a Packet Forwarding Engine is reported lesser than its previous value, then the residual counter value is added to the newly reported value only for that specific counter. In that case, the CLI shows the MIB2D_COUNTER_DECREASING system log message for that specific counter.
  • SNMP queries from routing instance (MX480)— Starting in Junos OS Release 13.2, the SNMP queries from a valid client on one routing instance with the community name that belongs to another routing instance receives details of the other routing instance, irrespective of the different community name.

    [See community-name (SNMP).]

  • SNMP MIB enabled for FPC crash events (T Series)—The jnxFruTable object (in the Chassis MIB) is supported for FPC crash events on the T Series. You can use the show log messages | match trap command to view the SNMP Traps.
  • SNMP MIB enabled for SPMB crash events (T Series)—The jnxFruTable object (in the Chassis MIB) is supported for SPMB (Switch Processor Mezzanine Board) crash events on the T Series. You can use the show log chassisd command to view the SNMP MIB objects.

Routing Policy and Firewall Filters

  • Outages in a BSR-enabled bidirectional-PIM network—In a bootstrap router (BSR)-enabled bidirectional PIM domain, mixing Junos OS Release pre-12.1R7 releases and later releases can cause unexpected outages. If you have a deployment with routers running Junos OS Release pre-12.1R7 and if you upgrade a subset of the routers to Junos OS Release 12.1R7 or later, the group-to-RP mapping across the domain breaks and an outage occurs.

Routing Protocols

  • Modification to the default BGP extended community value—Starting in Release 14.1, Junos OS modifies the default BGP extended community value used for MVPN IPv4 VRF route import (RT-import) to the IANA-standardized value. Thus, the default behavior will change such that the behavior of the mvpn-iana-rt-import statement will become the default. The mvpn-iana-rt-import statement will be deprecated and should be removed from configurations.
  • BGP hides a route received with a label block size greater than 256 (M Series, MX Series, and T Series)— When a BGP peer (running Junos OS) sends a route with a label block size greater than 256, the local speaker hides the route and does not re-advertise this route. The output of the show route detail/extensive hidden/all command displays the hidden route and states the reason as label block size exceeds max supported value. In earlier Junos OS releases, when a peer sent a route with a label block size greater than 256, the routing protocol process (rpd) terminated abnormally.

Services Applications

  • Changes in from statement—Starting in Junos OS Release 13.2, the destination-address statement in a firewall rule from statement might not have the address value of 0::00 with IPv6.
    [edit services stateful-firewall rule rule-name term term-name from]destination-address (address | any-unicast) <except>;

    This issue is being tracked by PR857106

  • Support for multiple source IDs when multiple protocol families are configured for a flow aggregation using Version 9—Starting in Junos OS Release 13.2, flow aggregation that uses Version 9 will assign a different Source ID for each protocol. This ensures that duplicate sequence numbers are not sent under a common domain ID. The multiple Source IDs do not indicate that the export packets are originating from multiple Service PICs. Prior to Junos OS Release 13.2, multiple domains were combined on a flow and the sequence numbers did not behave as expected.
  • post-service-filter statement not supported—The post-service-filter statement is not supported when the service interface is on an MS-MIC or MS-MPC:
    [edit interfaces interface-name unit logical-unit-number family inet service input post-service-filter filter-name]
  • Change in running RPM traceoptions—Starting in Junos OS Release 13.2, running RPM traceoptions is performed from the [edit services rpm] hierarchy. Prior to Junos OS Release 13.2, running RPM traceoptions was performed at the [edit snmp] hierarchy level.

    The RPM traceoptions are configured as follows:

    [edit services rpm]
    traceoptions { file filename <files number> <match regular-expression > <size maximum-file-size> <world-readable | no-world-readable>;flag flag;}

    The options are:

    • file filename—Name of the file to receive the output of the tracing operation. All files are placed in the directory /var/log.
    • match regular-expression—(Optional) Refine the output to include lines that contain the regular expression.
    • size maximum-file-size—(Optional) Maximum size of each trace file. By default, the number entered is treated as bytes. Alternatively, you can include a suffix to the number to indicate kilobytes (KB), megabytes (MB), or gigabytes (GB). If you specify a maximum file size, you also must specify a maximum number of trace files with the files option.
    • world-readable—(Optional) Enable unrestricted file access.
    • no-world-readable—(Default) Disable unrestricted file access. This means the log file can be accessed only by the user who configured the tracing operation.
    • flag flag—Tracing operation to perform. To specify more than one tracing operation, include multiple flag statements. You can include the following flags:
      • all—Trace all operations.
      • configuration—Trace configuration events.
      • error—Trace events related to catastrophic errors in daemon.
      • ipc—Trace IPC events.
      • ppm—Trace ppm events.
      • statistics—Trace statistics.

    This issue was being tracked by PR857470.

  • Interoperation of ingress sampling and PIC-based flow monitoring (MX Series)—If PIC-based flow monitoring is enabled on an ms- logical interface, a commit check error occurs when you attempt to configure ingress traffic sampling on that particular ms- logical interface. This error occurs because a combination of ingress sampling and PIC-based flow monitoring operations on an ms- logical interface causes undesired flow monitoring behavior and might result in repeated sampling of a single packet. You must not configure ingress traffic sampling on ms- logical interfaces on which PIC-based flow monitoring is enabled.

Subscriber Management and Services

Note: Although present in the code, the subscriber management features are not supported in Junos OS Release 13.2R8. Documentation for subscriber management features is included in the Junos OS Release 13.2 documentation set.

  • Subscriber login when lawful intercept fails—Starting in Junos OS Release 13.2R2, when lawful intercept activation fails during a subscriber login, the subscriber login will not be denied. An SNMP message will still be generated that indicates the lawful intercept activation failed. In Junos OS releases prior to 13.2R2, the subscriber login was denied if lawful intercept activation failed.
  • DHCPv6 Relay Agent (MX Series)—Starting in Junos OS Release 12.3R3, during the subscriber authentication or client authentication process, you can identify a subset of the DHCPv6 Relay Agent Remote-ID option (option 37) in the client PDU name to be concatenated with the username instead of concatenating the entire Remote-ID. You can use the enterprise-id and remote-id statements at the [edit forwarding-options dhcp-relay dhcpv6 authentication username-include relay-agent-remote-id] and the [edit system services dhcp-local-server dhcpv6 authentication username-include relay-agent-remote-id] hierarchy levels.
  • Support for 64-character tunnel passwords (MX Series)—Starting in Junos OS Release 13.2, you can specify a tunnel password up to 64 characters in length with the secret password statement at the [edit access tunnel-profile profile-name tunnel tunnel-id] hierarchy level. In earlier releases, the password is limited to 32 characters.
  • Changes to DDoS protocol groups (MX Series)—Starting in Junos OS Release 13.2, the ipv4-unclassified and ipv6-unclassified DDoS protocol groups have been deprecated in the protocols statement at the [edit system ddos-protection ddos] hierarchy level. These two protocol groups have also been deprecated from the show ddos-protection protocols commands. These groups formerly were used to police all unclassified IPv4 and IPv6 host-bound traffic.

    In their place, 10 new protocol groups have been added to the protocols statement and the show ddos-protection protocols commands:

    • control-layer2—Unclassified Layer 2 control packets.
    • control-v4—Unclassified IPv4 control packets.
    • control-v6—Unclassified IPv6 control packets.
    • filter-v4—Unclassified IPv4 filter action packets; sent to the host because of reject terms in firewall filters.
    • filter-v6—Unclassified IPv6 filter action packets; sent to the host because of reject terms in firewall filters.
    • host-route-v4—Unclassified IPv4 routing protocol and host packets in traffic sent to the router local interface address for broadcast and multicast.
    • host-route-v6—Unclassified IPv6 routing protocol and host packets in traffic sent to the router local interface address for broadcast and multicast.
    • other—All unclassified packets that do not belong to another type.
    • resolve-v4—Unclassified IPv4 resolve packets sent to the host because of a traffic request resolve action.
    • resolve-v6—Unclassified IPv6 resolve packets sent to the host because of a traffic request resolve action.
  • Traceoptions support for tracing user access events (MX Series)—Beginning in Junos OS Release 13.2, the traceoptions command for general authentication services supports a user-access flag. You use the new flag to track user access events such as login, authenticate, service activate, and logout.

    To enable the new flag, specify the set system processes general-authentiation-service traceoptions flag user-access command.

  • Human-readable formats for RADIUS attributes and values (MX Series)—Starting in Junos OS Release 13.2, for the following categories, the RADIUS attributes and values for Access and Accounting messages in authd log files are displayed in human-readable, appropriate formats rather than in C format: IPv4/v6 addressing, Event-Timestamp, and all DSL Forum subattributes.
  • Change in maximum value for the revert-interval statement (MX Series)—Starting in Junos OS Release 13.2, the maximum value for the revert-interval statement is 604800 seconds, which is the number of seconds in a week.

    The revert interval is the amount of time the router or switch waits after a RADIUS server has become unreachable before rechecking the connection to the server.

  • ANCP neighbor statement deprecated for identifying access lines (MX Series)—Before Junos OS Release 13.2, an access line could be uniquely identified by the combination of an access identifier (ACI) and an ANCP neighbor IP address. This combination allowed an ACI to be unique within only an ANCP neighbor rather than within the network. RFC 6320, Protocol for Access Node Control Mechanism in Broadband Networks, and new ANCP agent features now require an ACI to be unique within the network. Therefore, an access line must be uniquely identified by the ACI alone. Consequently, the neighbor statement at the [edit protocols ancp interfaces interface-name] and [edit protocols ancp interfaces interface-set interface-set- name] hierarchy levels has been deprecated and hidden.
  • New vpi and vci options in show subscribers command (MX Series routers with MPCs and ATM MICs with SFP)—Junos OS Release 13.2 adds the following two new options to the show subscribers operational command to enable you to display information about active subscribers using PPPoE-over-ATM, PPP-over-ATM (PPPoA), IP-over-ATM (IPoA), or bridged IP-over-Ethernet-over-ATM to access the router over an ATM network:
    • vpi—ATM virtual path identifier (VPI) on the subscriber’s physical interface, in the range 0 through 65535
    • vci—ATM virtual circuit identifier (VCI) for each VPI configured on the subscriber interface, in the range 0 through 255

    In earlier Junos OS releases, the vpi and vci options were not available for the show subscribers command.

    To display information about ATM subscriber interfaces based on their VPI and VCI values so you can better distinguish ATM-based subscribers from Ethernet-based subscribers, you can use the new vpi and vci options for the show subscribers command together or separately. For example, the following show subscribers command includes both the vpi and vci options to display extensive information about the active PPPoE-over-ATM subscriber using VPI 40 and VCI 50. The ATM VPI and ATM VCI fields are new in this output.

    user@host> show subscribers vpi 40 vci 50 extensive
    Type: PPPoE
User Name: testuser
IP Address: 100.0.0.2
IP Netmask: 255.255.0.0
Logical System: default
Routing Instance: default
Interface: pp0.0
Interface type: Static
MAC Address: 00:00:65:23:01:02
State: Active
Radius Accounting ID: 2
Session ID: 2
ATM VPI: 40
ATM VCI: 50
Login Time: 2012-12-03 07:49:26 PST
IP Address Pool: pool_1
IPv6 Framed Interface Id: 200:65ff:fe23:102
  • New brief option for request support information command—Junos OS Release 13.2 adds the brief option to the request support information operational command for all routing platforms on which this command is available.

    The brief option for request support information affects output for the show interfaces extensive no-forwarding command as follows:

    • Without the brief option, the router displays extensive information, which can take a long time to complete, especially in larger networks.
    • With the brief option, the router displays brief information, which does not take as long to complete.

    To reduce the time required to display the output, we recommend that you use the request support information brief command.

    The output for all other show commands called by request support information remains the same, regardless of whether you use the brief option.

    In earlier Junos OS releases, the brief option was not available for the request support information command.

    [See request support information.]

  • Maximum number of pseudowire logical interface devices for subscriber logical interfaces (MX Series)—Starting in Junos OS Release 13.2, the router supports up to 2048 pseudowire logical interface devices (pseudowire tunnels) for subscriber logical interfaces.

    A Packet Forwarding Engine can host a chassis maximum of 2048 pseudowire logical interface devices. This hosting support provides the configuration flexibility needed for special business edge scenarios. You can exceed the available Packet Forwarding Engine resources as you configure additional services on the pseudowire logical interface devices ports. To support a scaled configuration, you must populate the appropriate number of Packet Forwarding Engines for the chassis, and distribute the pseudowire logical interface devices across the Packet Forwarding Engines so that no Packet Forwarding Engine is overwhelmed by the anticipated peak load. To conserve resources when planning your network, make sure that you determine the mix of the pseudowire logical interface devices and the services associated with the devices.

    To configure the number of supported pseudowire logical interface devices, use the device-count statement at the [edit chassis pseudowire-service] hierarchy level.

  • Updated AAA Terminate Reason Mappings (MX Series)—Beginning with Junos OS Release 13.2, the AAA idle-timeout terminate reason is mapped to the RADIUS accounting Idle Timeout (4) terminate cause, and the AAA session-timeout terminate reason is mapped to the RADIUS Session Timeout (5) terminate cause. In earlier releases, both terminate reasons were mapped to the RADIUS accounting NAS Request (10) terminate cause.

    To support backward compatibility, you can configure the router to support the previous behavior—use the terminate-code aaa shutdown (idle-timeout | session-timeout) radius 10 statement at the [edit access] hierarchy level.

User Interface and Configuration

  • New CLI configuration command under the [protocols amt relay] hierarchy—Junos OS Release 13.2 introduces a new CLI configuration command under the [protocols amt relay] hierarchy:
    set <routing-instances foo> protocols amt relay tunnel-devices [ ud-ifd1 ud-ifd2 ... ]

    This is similar to protocols pim tunnel-devices. Includes syntax, up to 32 ud-ifd's, and (unlike pim) is not hidden in any instance. The command only accepts ifd's beginning with "ud-".

Modified: 2016-06-10

Previous Page Next Page