Network Management and Monitoring
-
CFM CCM support on PS interfaces (MPC7E, MPC8E, MPC9E, MPC10E, and MPC11E line cards)—Starting in Junos OS Release 21.2R1, we support connectivity fault management (CFM) continuity check messages (CCM) on PS interface part of EVPN. You can configure:
- CCM for down maintenance association end points (MEPs), that are down, on the PS interface to monitor the Ethernet networks for connectivity faults.
- Remote defect indication (RDI) for the CCM frame.
- Action profile with action link down for the remote MEP to bring down the PS interface when connectivity is lost.
- Ethernet link trace (ETH-LT) and loopback (ETH-LB) are supported on the CFM session.
-
SOAM support (SRX380, SRX300, SRX320, SRX340, SRX345, and SRX550HM)—Starting in Junos OS Release 21.2R1, you can send delay measurement packets when a CFM session is established on SRX Series devices. We support performance monitoring MIBs that are necessary to manage Service Operation, Administration, and Maintenance (SOAM) performance monitoring functions that are defined in:
- Service OAM requirements and framework specified by MEF 17
- Service OAM Performance Monitoring requirements as specified by SOAM-PM
- Service OAM management objects as specified by MEF 7.1
- Technical Specification MEF 36
-
OAM ping support for segment routing with IPv6 (SRv6) network programming (MX Series)—Starting in Junos OS Release 21.2R1, you can perform the Operation, Administration, and Maintenance (OAM) ping operation for any SRv6 segment identifier (SID) whose behavior allows upper layer header processing for an applicable OAM payload.
Because segment routing with IPv6 data plane (SRv6) adds only the new type-4 routing extension header, you can use the existing ICMPv6-based ping mechanisms for an SRv6 network to provide OAM support for SRv6. Ping with O-Flag (segment header) is not supported.
[See ITU-T Y.1731 Ethernet Service OAM Overview and How to Enable SRv6 Network Programming in IS-IS Networks.]
-
Enhanced CFM support (ACX5448, ACX5448-M, and ACX5448-D)—Starting in Junos OS Release 21.2R1, you can enable the performance monitoring responder functionality without enabling the transmission of continuity check messages (CCM). To enable the performance monitoring responder functionality without enabling CCM transmission, configure our new configuration statement
send-zero-interval-ccm
under the[edit protocols protocols oam ethernet connectivity-fault-management]
hierarchy level. After you configure the statement, if the continuity-check is not enabled, CCMs are not transmitted, but are programmed to receive the CFM packets for that maintenance endpoint (MEP) level.[See IEEE 802.1ag OAM Connectivity Fault Management Overview and connectivity-fault-management (EX Series Switch Only).]
-
sFlow support for IP-IP traffic with VRF (PTX1000, PTX10002, PTX10008, QFX10002, and QFX10008)—Starting in Junos OS Release 21.2R1, you can use sFlow technology to sample IP over IP (IP-IP) traffic that is hosted on multiple virtual routing and forwarding (VRF) instances. sFlow sampling now reports the extended router data correctly when the incoming and outgoing interfaces of the traffic reside on two different VRFs in IP-IP traffic for egress sampling.
[See Overview of sFlow Technology.]
-
Support for syslog over TLS (EX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos OS Release 21.2R1, you can transport syslog (control plane) over Transport Layer Security (TLS) protocol. Encapsulating syslog over TLS allows you to:
-
Validate the remote destination (syslog server) before transmitting any sensitive syslog information. (Authentication)
-
Encrypt the syslog during the transport. (Encryption)
-
Verify that the data has not been modified or tampered with (Integrity)
Before you enable this feature, ensure you:
-
Configure public key infrastructure (PKI) in Junos
-
Configure and load the digital certificates
-
Configure the remote destination (syslog server) that supports syslog over TLS
To enable transport of syslog (control plane) over TLS, use the
tls
statement at the [edit system syslog host host-name transport
] hierarchy level. -
-
Syslog support to replay events (MX Series)—Starting in Junos OS Release 21.2R1, you can replay syslog events over gRPC. Configure the
last minute
statementat the[edit system syslog grpc-replay]
hierarchy level to replay events. You can also filter events based on facility and priority. Use thefacility
statement to filter events according to facility, and use thepriority
statement to filter events according to the priority at the[edit system syslog grpc-replay]
hierarchy level. You can use thefacility
and thepriority
options to filter replay or live events.[See grpc-replay.]
-
Support for port mirroring (ACX710)—Starting in Junos OS Release 21.2R1, you can use analyzers to mirror copies of packets to a configured destination. You configure the analyzer at the
[edit forwarding-options analyzer]
hierarchy level.