Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Hardware

  • New ACX7024 router (ACX Series)—Starting in Junos OS Evolved Release 22.3R1, we introduce the Juniper Networks ACX7024 Cloud Metro Router, a high-performance access router that meets the growing demands of metro applications. With a compact 1-U form factor, temperature-hardened design, and advanced timing features, the ACX7024 supports Ethernet business services, residential access, and 5G mobile deployments. The ACX7024 also supports the latest protocol and traffic engineering technologies and offers a tamper-proof design that ensures strong security capabilities.

    The ACX7024 router provides a switching capacity of 360 Gbps and the following port configurations:

    • Four 100-Gigabit Ethernet (GbE) ports (ports 0 through 3) that support quad small form-factor pluggable 28 (QSFP28) transceivers. You can channelize these ports into four 25-Gbps interfaces using breakout cables (and channelization configuration). These ports also support 40-Gbps speed when you use QSFP+ optics. You can channelize these 40-Gbps ports into four 10-Gbps interfaces using breakout cables (and channelization configuration).

    • Twenty-four 25-GbE ports (ports 4 through 27) that operate at 25-Gbps speed with SFP28 transceivers, 10-Gbps speed with SFP+ transceivers, or 1-Gbps speed with SFP transceivers.

    You can order the routers with front-to-back airflow (airflow out or AFO) and with AC or DC power supply modules (PSMs).

    Table 1: Features Supported on the ACX7024 Router

    Feature

    Description

    Chassis
    • Support for environmental monitoring and field-replaceable unit (FRU) management. [See show chassis hardware.]

    • Support for Single power supply module (PSM) and PSM Redundancy—The ACX7024 router supports dual PSM (1+1 redundancy) mode by default, and also single PSM mode.

      Use the set chassis pem minimum <number> command to configure single PSM and set it to 1.

      [See pem (M320, ACX7024 Devices), show chassis power.]

    Class of Service

    DHCP

    • DHCP server and DHCP relay configuration for IPv4 and IPv6 services.

      [See DHCP Overview.]

    Ethernet Protocols

    • Support for Ethernet ring protection switching (ERPS) with G.8032 version 2.

      [See Understanding Ethernet Ring Protection Switching Functionality.]

    • Support for Layer 2 Protocol Tunneling (L2PT)—You can use L2PT to send L2 protocol data units (PDUs) across the network and deliver them to devices that are not part of the local broadcast domain.

      You can configure L2PT using the protocol <protocol name> configuration statement at the [edit protocols layer2-control mac-rewrite interface <interface name>] hierarchy level and destination MAC address using the tunnel-destination-mac <mac address> configuration statement at the [edit protocols layer2-control mac-rewrite] hierarchy level.

    • Support for Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP), and VLAN Spanning Tree Protocol (VSTP).

      [See Spanning-Tree Protocol Overview.]

    EVPN

    • Support for EVPN-MPLS—ACX7024 router supports the following EVPN-MPLS features on MAC-VRF instances:

      • L2 flooding for broadcast, unknown unicast, and multicast (BUM) traffic

      • Split-horizon between core interfaces

      • Data plane and control plane MAC learning and aging, and static MAC

      • MAC movement and MAC mobility on control plane only

      • MAC limiting and MAC learning

      • Input and output VLAN maps using normalization on user-to-network interfaces (UNIs)

      • Aggregated Ethernet interfaces used for UNIs and network node interfaces (NNIs)

      • Physical interfaces for VLAN tagging, stacked VLAN tagging, flexible VLAN tagging, and extended VLAN bridges using EVPN-MPLS as a service

      • Ethernet bridge mode for logical UNIs

      • VLAN ID lists, native VLAN ID supported logical UNIs, and priority-tagged logical interfaces

      • Underlay with ECMP and Fast reroute (FRR)

      • Control-word support for EVPN

      • EVPN Proxy Address Resolution Protocol (ARP) and ARP suppression

      [See EVPN Feature Guide.]

    • Virtual private wire service (VPWS) with EVPN signaling mechanisms and flexible cross-connect support.

      [See Overview of VPWS with EVPN Signaling Mechanisms.]

    Firewall Filters

    High Availability

    • Support for the following Bidirectional Forwarding Detection (BFD) features:

      • BFD for IPv4 and IPv6 routes

      • Single-hop BFD in inline mode with an interval range of 4 milliseconds to 1 second

      • Single-hop BFD in distributed mode with an interval of 1 second or more

      • Single-hop BFD in centralized mode with a minimum interval of 1 second to detect IRB failures

      • Multihop BFD with an interval of 1 second or more

      • Micro-BFD for LAG in centralized or distributed mode with an interval of 1 second or more

      [See Bidirectional Forwarding Detection (BFD).]

    • You can configure BFD over label-switched paths (LSPs) or RSVP-based LSPs in a centralized mode. [See Bidirectional Forwarding Detection (BFD) for MPLS.]

    • VRRP for IPv4 and IPv6. [See VRRP and VRRP for IPv6 Overview.]

    Interfaces

    • Support for 1RU Metro Ethernet device —The ACX7024 router is a high-density 1RU Metro Ethernet device with 28 ports. You can configure the first four ports as 40-Gigabit or 100-Gigabit Ethernet interfaces. The first four ports also support channelization. Ports 0-3 also supports 10-Gigabit and 25-Gigabit Ethernet interfaces using channelization. You can configure the remaining 24 ports as 1-Gigabit, 10-Gigabit, or 25-Gigabit Ethernet interfaces.

      By default, the ports are 10-Gigabit and 100-Gigabit Ethernet interfaces.

      Note:

      If you enable PTP mode, the system deletes port et-0/0/27.

      To configure the port speed of the line card, use the statement at the [set interfaces <intf name> speed <speed>] hierarchy. Assign the speed value as <1G | 10G | 25G | 40G | 100G >.

      To disable the port, use the set interfaces <intf name> unused command.

      [See Port Speed.]

    Layer 2 features

    • Support for the following advanced L2 features:

      • Bridge domain without a vlan-id number statement

      • Bridge domain with the vlan-id value set to None

      • Bridge domain with a single VLAN ID

      • Single-learning domain

      • MAC limiting

      • Ethernet service types:

        • E-Line with these AC interface types: port, VLAN, Q-in-Q, VLAN list, and VLAN maps

        • E-line

        • E-LAN

        • E-Access

        • E-Transit

      • LLDP

      • LACP

      • IRB interface

      • Link aggregation group (LAG) support with the following hashing algorithms:

        • For family multiservice, destination and source MAC addresses

        • For family inet, Layer 3 and Layer 4

        • For family inet6, Layer 3 destination and source addresses

        • For family inet6, Layer 4 destination and source ports

      • Encapsulation types:

        • extended-vlan-bridge

        • vlan-bridge

      • Q-in-Q tunneling

      [See Understanding Layer 2 Bridge Domains and Q-in-Q Tunneling.]

    • Disable local switching in bridge domains.

      [See Configuring MAC Address Flooding and Learning for VPLS.]

    • Storm control

      [See Understanding Storm Control.]

    Layer 2 VPN

    • Support for VPLS—The ACX7024 routers support a single VLAN for each virtual switch routing instance type. Junos OS Evolved does not support the family vpls option. To configure VPLS on the ACX7024 routers, configure the instance-type virtual switch statement at the [edit routing-instances routing instance ] hierarchy level.

      [See Introduction to Configuring VPLS.]

    • Layer 2 VPN and L2 circuit support:

      • L2 circuit—Targeted LDP signaling pseudowires and interoperability between different types of supported attachment circuit (AC) for L2 circuit

      • L2 VPN circuit—BGP signaling

    • MPLS fast reroute (FRR) on IGP, circuit attachment types (port, VLAN, and Q-in-Q tunneling), control word, pseudowire circuit on aggregated Ethernet interfaces, indirect next hops and composite next hops, pipe and uniform mode time-to-live (TTL), Tag Protocol Identifiers (TPIDs), and VLAN map on pop, push, or swap

      [See Understanding Layer 2 VPNs and Understanding Layer 2 VPNs and Configuring Interfaces for Layer 2 Circuits.]

    Layer 3 features

    Layer 3 VPN

    • Support for the following Layer 3 (L3) VPN features:

      • IP-VPN services:

        • Virtual routing and forwarding (VRF) and virtual-router instance type

        • All control plane configuration options

        • Per-prefix and per-table label signaling

        • L3 VPN support with ECMP

        • BGP policies support for different L3 VPN use cases such as full mesh VPN, hub-spoke VPN, management VPN, and leaking routes

        • L3 VPN with vrf-table-label mode

        • L3 VPN with chained-composite-next-hop mode

        • L3 VPN ping using ping mpls l3vpn prefix prefix-name l3vpn name command

          Note:

          The ping command works only with the vrf-table-label configuration.

      • 6PE and 6VPE with PE-CE routing-static and PE-to-CE BGPv6

      • Import and export of routes across non-default to non-default virtual routing and forwarding (VRF)

        Note:

        Table next hop is not supported.

      • Inter-autonomous system (Inter-AS) options A, B, and C

        Note:

        You can deploy inter-AS option B in a hierarchical network design within a single interior gateway protocol (IGP) autonomous system.

      • Provider edge-to-customer edge (PE-to-CE) route using static route and routing protocols such as eBGP, IS-IS, OSPF, and RIP

    Currently, we do not support virtual tunnel (VT) interface-based L3 VPN. [See Layer 3 VPNs User Guide for Routing Devices.]

    Management

    • Support for NETCONF, Transport Layer Security (TLS), YANG, and OpenConfig management features.

    MPLS

    • Support for the following MPLS features:

      • IP/MPLS infrastructure feature set for the L3 VPN service

      • Basic BGP control plane features such as LDP-DOD, CSPF, and single-area CSPF

      • MPLS label stack

      • MPLS protections:

        • Fast reroute (FRR)/ Make-before-break (MBB)

        • Link protection

        • Node protection

      • Label-switching router (LSR)

      • Shared Risk Link Group (SRLG) for MPLS

      • RSVP label-switched path (LSP) over IPv4 include refresh reduction

      • Label Distribution Protocol (LDP) LSP over IPv4

      • RSVP 1:1

      • RSVP-Traffic Engineering (RSVP-TE)

      • LDP over RSVP

      • Inter-autonomous system LSP intra-area LSP

      [See MPLS Applications User Guide.]

    Multicast

    • Support for L2 multicast-related features, includes Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) snooping. You can configure IGMP snooping with IGMPv1, IGMPv2, and IGMPv3, which includes the support for:

      • IGMP snooping in Bridge Domain (BD)

      • IGMP snooping with integrated routing and bridging (IRB) configured in BD

      • MLD snooping in BD

      • MLD snooping with IRB configured in BD

      [See IGMP Snooping Overview and Understanding MLD Snooping.]

    • Support for IPv4 multicast for L3. You can configure IGMP snooping with IGMPv2 and IGMPv3, which includes support for the following:

      • Auto-rendezvous point (auto-RP)

      • Anycast RP

      • IGMP filter

      • IGMP querier

      • Protocol Independent Multicast source-specific multicast (PIM SSM)

      • PIM sparse mode (PIM SM)

      Note:

      In this Junos OS Evolved release, the ACX7024 doesn't support IPv6 multicast or L3 multicast protocols (such as IGMP, MLD, or PIM) over IPv4 and IPv6 IRB interfaces.

      [See IGMP Snooping Overview.]

    • Support for multichassis link aggregation groups (MC-LAGs). The following features are available on MC-LAGs:

      • Layer 2 bridging for active-active and active-standby modes

      • Layer 3 unicast

      [See Understanding Multichassis Link Aggregation Groups.]

    Operations, Administration, and Management

    Resiliency

    Support for platform resiliency to handle failures and faults related to components such as CPU, fan trays, temperature sensors, power supply units, FPGA, and optics. Fault handling includes detecting and logging the error, raising alarms, sending SNMP traps, communicating errors through LEDs, self-healing, and taking components out of service.

    [See show system errors active.]

    Routing Policy

    Unicast reverse path forwarding (unicast RPF) support for IPv4 and IPv6. You can reduce the impact of denial-of-service (DoS) attacks for IPv4 and IPv6 interfaces by configuring unicast RPF. You can use unicast RPF to determine the source of attacks and reject packets from unexpected source addresses on interfaces. However, we do not support unicast RPF checking for:

    • Transit packets exiting a tunnel source interface.

    • Asymmetrical routing.

    [See Understanding Unicast RPF (Routers).]

    Segment Routing

    Support for segment routing—The following segment routing features are supported:

    • Segment routing global block (SRGB) for OSPF and IS-IS

    • Fast reroute

    • Metro Ethernet services over segment routing infrastructure

     

    Support for segment routing—The following segment routing features are supported:

    • Segment routing services: L3VPN, IPv6 VPN Provider Edge (6VPE) , IPv6 Provider Edge (6PE), Layer 2 (L2) VPN, L2 Circuit, and BGP-VPLS

    • Static segment routing (node segment, prefix segment, adjacency, and anycast segments) for OSPF and IS-IS

    • Topology-independent loop-free alternate (TI-LFA) with segment routing for OSPF and IS-IS

    [See Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS, Understanding Source Packet Routing in Networking (SPRING), and Understanding Adjacency Segments, Anycast Segments, and Configurable SRGB in SPRING.]

    Services applications
    • Support for RFC 5357, Two-Way Active Measurement Protocol (TWAMP) monitoring service. You can configure the TWAMP monitoring service, which sends out probes to measure network performance. You often use TWAMP to check compliance with service-level agreements. In Junos OS Evolved, you configure TWAMP at the [edit services monitoring twamp] hierarchy level.

      The support for this service is limited to the following:

      • IPv4 traffic only for control sessions and test sessions

      • Probe statistics and history

      • Control and test session status

      • Test session probe generation and reception, as well as reflection

      • Timestamps set by the Routing Engine or the Packet Forwarding Engine

      • Error reporting through system log messages only

      • Unauthenticated mode only

    • TWAMP IPv6 address support—You can specify IPv6 source and target addresses for TWAMP clients, control connections, and test sessions.

    [See Understanding Two-Way Active Measurement Protocol on Routers.]

    Software installation and upgrade

    • Support for secure-boot implementation based on the UEFI 2.4 standard.

      [See Secure Boot.]

    • Support for either WAN interfaces or management interfaces to automatically download and install the appropriate software and the configuration file on your device during the ZTP bootstrap process.

      [See Zero Touch Provisioning.]

    Security Services

    System Management

    • Support for an alternate partition for device recovery—An alternate partition called /altconfig is used to recover the device when the /config partition gets corrupted. In certain scenarios, the /config (which holds the last four committed configuration files along with the rescue configuration) gets corrupted during resets or power cycles. The /altconfig partition (which holds the juniper.conf.gz and rescue.conf.gz files) is used by the management daemon (mgd) to recover the device when the /config is corrupted. This is a boot time feature and is enabled by default.

    Timing and synchronization

    • Support for enhanced Ethernet equipment clock (eEEC). Enhanced EEC enables new clocks to operate with different quality levels defined in the Synchronous Ethernet chain.

      To enable enhanced EEC on your router, configure the enable-extended-qltlv statement at the [edit chassis synchronization] hierarchy level.

      The ACX7024 supports the following new clock quality levels for enhanced EEC:

      • Enhanced primary reference time clock (ePRTC)

      • Primary reference time clock (PRTC)

      • Enhanced primary reference clock (ePRC

      • Enhanced Ethernet equipment clock (eEEC)

      [See enable-extended-ql-tlv, Ethernet Synchronization Message Channel Overview, and synchronization.]

    • Support for frequency synchronization using Synchronous Ethernet. [See Synchronous Ethernet Overview.]

    • Support for G.8275.1 telecom profile, Precision Time Protocol (PTP) over Ethernet encapsulation, and hybrid mode. [See Precision Time Protocol Overview and Understanding Hybrid Mode.]

    • Support for Precision Time Protocol (PTP) G.8275.1 enh and G.8275.2 enh profiles with PTP over IPv4 and IPv6 unicast. The G.8275.1 enh profile does not support unicast negotiation.

      [See PTP profiles.]

    To view the hardware compatibility matrix for optical interfaces, transceivers, and DACs supported on the ACX7024 router, see the Hardware Compatibility Tool.