Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

System Requirements

Read this section to understand the system, resource, port, and licensing requirements for installing Juniper Cloud-Native Router.

Host System Requirements

This section lists the host system requirements for installing the cloud-native router.

Table 1: Cloud-Native Router Host System Requirements
Component Release 23.2
Value/Version Notes
CPU Intel x86 The tested CPU is Intel Xeon Gold 6212U 24-core @2.4 GHz
Host OS

RedHat Enterprise Linux

Version 8.4, 8.5, 8.6

Rocky Linux 8.6
Kernel Version RedHat Enterprise Linux (RHEL): 4.18.X

Rocky Linux: 4.18.X

The tested kernel version for RHEL is 4.18.0-305.rt7.72.el8.x86_64

The tested kernel version for Rocky Linux is 4.18.0-372.19.1.rt7.176.el8_6.x86_64 and 4.18.0-372.32.1.rt7.189.el8_6.x86_64

NIC
  • Intel E810 with Firmware 4.00 0x80014411 1.3236.0

  • Intel E810-CQDA2 with Firmware 4.000x800144111.3236.0

  • Intel XL710 with Firmware 9.00 0x8000cead 1.3179.0

  • Elastic Network Adapter (ENA)

 
IAVF driver Version 4.5.3.1  
ICE_COMMS Version 1.3.35.0  
ICE Version 1.9.11.9 ICE driver is used only with the Intel E810 NIC
i40e Version 2.18.9 i40e driver is used only with the Intel XL710 NIC
Kubernetes (K8s) Version 1.22.x, 1.23.x, 1.25x The tested K8s version is 1.22.4, although 1.22.2 will also work.
Calico Version 3.22.x  
Multus Version 3.8  
Helm 3.9.x  
Container-RT Docker CE 20.10.11, crio 1.25x  
Amazon EKS   The K8s version is 1.23.17.

Kernel version is 5.4.235-144.344.amzn2.x86_64
OS version is Amazon Linux 2

OpenShift 4.12.0 The K8s version is 1.25.4.

Resource Requirements

This section lists the resource requirements for installing the cloud-native router.

Table 2: Cloud-Native Router Resource Requirements
Resource Release 23.2
Value Usage Notes
Data plane forwarding cores 2 physical cores (2p)  
Service/Control Cores 0  
UIO Driver VFIO-PCI  
Hugepages (1G) 6 Gi Add GRUB_CMDLINE_LINUX_DEFAULT values in /etc/default/grub and reboot the host. For example: GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 default_hugepagesz=1G hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt"
JCNR Controller cores .5  
JCNR vRouter Agent cores .5  

Miscellaneous Requirements

This section lists additional requirements for installing the cloud-native router.

Table 3: Miscellaneous Requirements
Cloud-Native Router Release 23.2 Miscellaneous Requirements
Enable VLAN driver at system boot using the command:

modprobe 8021q

Verify by executing the command

lsmod | grep 8021q

Enable VFIO-PCI driver at system boot
Set IOMMU and IOMMU-PT in /etc/default/grub file. For example:
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 default_hugepagesz=1G hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt"

Update grub and reboot the host. For example:

grub2-mkconfig -o /boot/grub2/grub.cfg 
Disable Spoofcheck on VFs allocated to JCNR. For example: ip link set <interfacename> vf 1 spoofcheck off.
Note:

Applicable only on L2 deployments.

Set trust on VFs allocated to JCNR. For example: ip link set <interfacename> vf 1 trust on
Note:

Applicable only on L2 deployments.

Additional kernel modules need to be loaded on the host before deploying JCNR in L3 mode. These modules are usually available in linux-modules-extra or kernel-modules-extra packages. Run the following commands to add the kernel modules.

  • modprobe tun

  • modprobe fou

  • modprobe fou6

  • modprobe ipip

  • modprobe ip_tunnel

  • modprobe ip6_tunnel

  • modprobe mpls_gso

  • modprobe mpls_router

  • modprobe mpls_iptunnel

  • modprobe vrf

  • modprobe vxlan

Run the ip fou add port 6635 ipproto 137 command on the Linux host to enable kernel based forwarding.

NetworkManager is a tool in some operating systems to make the management of network interfaces easier. NetworkManager may make the operation and configuration of the default interfaces easier. However, it can interfere with the Kubernetes management and create problems.

To avoid the NetworkManager from interfering with the interface configurations, perform the following steps:

  1. Create the file, /etc/NetworkManager/conf.d/crpd.conf.
  2. Add the following content in the file.
    [keyfile]
     unmanaged-devices+=interface-name:enp*;interface-name:ens*
    Note: enp* indicates all interfaces starting with enp. For specific interface names, provided a comma-separated list.
  3. Restart the NetworkManager service by running the command, sudo systemctl restart NetworkManager.
  4. Edit the sysctl file on the host and paste the following content in it:
    net.ipv6.conf.default.addr_gen_mode=0
    net.ipv6.conf.all.addr_gen_mode=0
    net.ipv6.conf.default.autoconf=0
    net.ipv6.conf.all.autoconf=0
  5. Run the command sysctl -p /etc/sysctl.conf to load the new sysctl.conf values on the host.
  6. Create the bond interface manually. For example:

    ifconfig ens2f0 down
    ifconfig ens2f1 down
    ip link add bond0 type bond mode 802.3ad
    ip link set ens2f0 master bond0
    ip link set ens2f1 master bond0
    ifconfig ens2f0 up ; ifconfig ens2f1 up; ifconfig bond0 up
Verify the core_pattern value is set on the host before deploying JCNR:
sysctl kernel.core_pattern
kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e

You can update the core_pattern in /etc/sysctl.conf. For example:

kernel.core_pattern=/var/crash/core_%e_%p_%i_%s_%h_%t.gz

Port Requirements

Juniper Cloud-Native Router listens on certain TCP and UDP ports. This section lists the port requirements for the cloud-native router.

Table 4: Cloud-Native Router Listening Ports
Protocol Port Description
TCP 8085 vRouter introspect–Used to gain internal statistical information about vRouter
TCP 8070 Telemetry information-Used to see telemetry data from cloud-native router
TCP 9091 vRouter health check–cloud-native router checks to ensure contrail-vrouter-dpdk process is running, etc.
TCP 50052 gRPC port–JCNR listens on both IPv4 and IPv6
TCP 24 cRPD SSH
TCP 830 cRPD NETCONF
TCP 666 rpd
TCP 1883 Mosquito mqtt–Publish/subscribe messaging utility
TCP 9500 agentd on cRPD
TCP 21883 na-mqttd
TCP 50051 jsd on cRPD
TCP 51051 jsd on cRPD
UDP 50055 Syslog-NG

JCNR Licensing

Starting with Juniper Cloud-Native Router (JCNR) Release 22.2, we have enabled our Juniper Agile Licensing (JAL) model. JAL ensures that features are used in compliance with Juniper's end-user license agreement. You can purchase licenses for the Juniper Cloud-Native Router software through your Juniper Account Team. You can apply the licenses by using the CLI of the cloud-native router controller. For details about managing multiple license files for multiple cloud-native router deployments, see Juniper Agile Licensing Overview.

Note:

Starting with JCNR Release 23.2, the JCNR license format has changed. Request a new license key from the JAL portal before deploying or upgrading to 23.2 or newer releases.

To verify your JCNR license:

  1. Run the command kubectl get pods -A | grep -i crpd on the host server.

  2. Identify the cRPD pod and issue the command kubectl exec -it -n jcnr kube-crpd-worker-sts-0 -- cli show system license.