What's Changed

EVPN-VXLAN tracing configuration— The set services trace evpn-vxlan configuration invokes a built-in commit script to generate tracing configurations for troubleshooting EVPN-VXLAN in multiple modules and hierarchies.

[See trace (EVPN-VXLAN).]

• Peer PE device peer-id value can only be 1 or 2.

• You are required to configure the loopback subnet addresses for each peer PE device using the new loopback-subnet peer1-subnet and loopback peer2-subnet options at the edit services evpn device-attribute hierarchy level. The commit script uses these values for each peer PE device's loopback subnet instead of deriving those values on each PE device. The loopback-subnet option at the edit services evpn device-attribute hierarchy level has been deprecated.

• If you configure the no-policy-and-routing-options-config option, you must configure a policy statement called EXPORT-LO0 that the default underlay configuration requires, or configure the new no-underlay-config option and include your own underlay configuration.

• The commit script generates "notice" messages instead of "error" messages for configuration errors so you can better handle edit services evpn configuration issues.

• The commit script includes the element names you configure (such as IRB instance names and server names) in description statements in the generated configuration.

This feature also now includes a few new options so you have more flexibility to customize the generated configuration:

• no-underlay-config at the edit services evpn hierarchy level—To provide your own underlay peering configuration.

• mtu overlay-mtu and mtu underlay-mtu options at the edit services evpn global-parameters hierarchy level—To change the default assigned MTU size for underlay or overlay packets.

[See Easy EVPN LAG Configuration.]

Change in options and generated configuration for the EZ-LAG configuration IRB subnet-address statement—With the EZ-LAG subnet-address inet or subnet-address inet6 options at the edit services evpn evpn-vxlan irb irb-instance hierarchy, you can now specify multiple IRB subnet addresses in a single statement using the list syntax addr1 addr2 ?. Also, in the generated configuration for IRB interfaces, the commit script now includes default router-advertisement statements at the edit protocols hierarchy level for that IRB interface.

[See subnet-address (Easy EVPN LAG Configuration).]

For firewall filter action and match on slice ID, family-name can be inet, inet6, mpls, or any.

The active-user-count is defined as a numeric integer value in ODL request output — The output for the get-system-uptime-information ODL request contains information for the active-user-count. The active-user-count is now defined as a numeric integer value and avoids an invalid value type error.

[See show system uptime.]

Two new alarms are added and can be seen with MPC11E when 400G-ZR optics are used. High Power Optics Too Warm: warning of the increase in chassis ambient temperature with no functional action taken on the optics Temperature too high for optics power on: New inserted optics when the chassis ambient temperature is elevated beyond the threshold will not be powered on and would need to be reinserted when the ambient temperature is within the acceptable range

The packet rate and byte rate fields for LSP sensors on AFT (with the legacy path) have been renamed as jnx-packet-rate and jnx-byte-rate and is in parity with the UKERN behavior. Previously, these rate fields were named as packetRate and byteRate.

Before this change most list were ordered by the sequence in which the user configured the list items, for example a series of static routes. After this change the list order is determined by the system with items displayed in numerical sequence rather than by the order in which the items were configured. There is no functional impact to this change.

Deprecated license revoke information—Starting in Junos OS Release 23.4R1, we've deprecated the show system license revoked-info command. You can use the show system license and show system license usage commands to know the license information.

NOTE: In the CLI using the command request chassis feb slot slot-number offline if you make the primary FEB offline, a traffic loss warning message is displayed and the FEB offline request is rejected. If offline/restart is still intended for primary FEB, use force option in addition to the command. WARNING message displayed in the CLI: "warning: RCB and FEB work in the paired slot mode. FEB %s offline/restart will result in traffic loss and does not cause a switchover. Please re-try after initiating a mastership switchover using 'request chassis routing-engine master switch' CLI. If offline/restart is still intended, use 'force' option in addition to this CLI."

Support for podman-based JDM deployment—Starting in Junos OS Release 23.2R1, the external server-based Junos node slicing supports deployment of Juniper Device Manager (JDM) using the Pod Manager tool (podman). This change is applicable to servers running Red Hat Enterprise Linux (RHEL) 9. In Junos releases prior to 23.2R1, Junos node slicing supported RHEL 7.3 that provided libvirt?s lxc driver (libvirt-lxc) to deploy JDMs.

While running request system snapshot recovery command on all VMHost based Routing Engines, disable or stop reporting any warning message.

Autonegotiation status in show interfaces extensive output (QFX5120-48Y): The show interfaces extensive output shows the autonegotiation information for SFP-T transceivers.

Media type in show interface extensive command (QFX5210-64C)— The media type shows ?Fiber? in the show interface et-x/y/z command output for optics transceivers.

[See https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/command/show-interfaces-extensive.html#show-interfaces-extensive-command__subsection_ppl_x4m_hdc.]

New commit check for MAC-VRF routing instances with the encapsulate-inner-vlan statement configured— We introduced a new commit check that prevents you from configuring an IRB interface and the encapsulate-inner-vlan statement together in a MAC-VRF routing instance. Please correct or remove these configurations prior to upgrading to 23.2R2 or newer to avoid a configuration validation failure during the upgrade.

[See encapsulate-inner-vlan.]

Support extended for Default No VSTP Flooding (EX Series and QFX Series)-When a switch receives an incoming VSTP PDU, it is sent to the PFE host path where it is re-injected over the VLAN, which might cause VSTP flooding. No VSTP (VLAN Spanning Tree Protocol) Flooding, allows the packets to be dropped at the PFE host path and does not allow flooding or re-injection to the VLAN. "No VSTP Flooding" is implemented by default.

VSTP flooding can be enabled using set switch-options vstp-flooding command.

[See Configuring VSTP.]

Starting in Junos OS release 23.2R1, the output of show chassis power command displays the state of the power supply in PTX10003 and QFX10003 platforms.

[See show chassis power.]

XML output tags changed for request-commit-server-pause and request-commit-server-start (ACX Series, EX Series, MX Series, QFX Series, SRX Series, and vSRX)—We've changed the XML output for the request system commit server pause command (request-commit-server-pause RPC) and the request system commit server start command (request-commit-server-start RPC). The root element is <commit-server-operation> instead of <commit-server-information>, and the <output> tag is renamed to <message>.

Ability to commit extension-service file configuration when application file is unavailable—When you set the optional option at the edit system extension extension-service application file file-name hierarchy level, the operating system can commit the configuration even if the file is not available at the /var/db/scripts/jet file path.

[See file (JET).]

Ability to restart restart daemonized applications—Use the request extension-service restart-daemonize-app application-name command to restart a daemonized application running on a Junos device. Restarting the application can assist you with debugging and troubleshooting.

[See request extension-service restart-daemonize-app.]

NETCONF <copy-config> operations support a file:// URI for copy to file operations (ACX Series, EX Series, MX Series, QFX Series, SRX Series, and vSRX)—The NETCONF <copy-config> operation supports using a file:// URI when <url> is the target and specifies the absolute path of a local file.

[See <copy-config>.]

ephemeral-db-support statement required to configure MSTP, RSTP, and VSTP in the ephemeral configuration database (ACX Series, EX Series, and QFX Series)—To configure Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree Protocol (RSTP), or VLAN Spanning Tree Protocol (VSTP) in the ephemeral configuration database, you must first configure the ephemeral-db-support statement at the [edit protocols layer2-control] hierarchy level in the static configuration database.

[See Enable and Configure Instances of the Ephemeral Configuration Database.]

Two-Way Active Measurement Protocol (TWAMP) server/reflector test traffic classified by the ingress filter was re-classified with the values configured on the host-outbound-traffic configuration statement (All Junos OS Evolved platforms; MX Series platforms with MPC10E, MPC11E, or JNP10K-LC9600 cards)—We no longer re-classify the egress TWAMP traffic. We now maintain the same queue for the packets in the egress direction that the packets had in the ingress direction.

Previously, shaping of Layer 2 pseudowires did not work on logical tunnel interfaces. This has been fixed for all platforms except QX chip-based MICs and MPCs.

After this change ISIS export policies support setting the down bit configuring the "set-down-bit" action in an export policy term.

In Junos OS Evolved platforms, show route snooping and show route forwarding-table does not show /56 routes in the VPLS address family table.

Starting in Junos OS Evolved 23.4R1, we have enabled the process-non-null-as-null-register configuration statement under edit protocols pim rp local by default. For earlier releases, you must configure this statement explicitly.

Optimized mesh group routes (QFX5110, QFX5120, QFX5130, QFX5700 and ACX Series)— show route snooping for inet.1/inet6.1 table and show route snooping table inet.1/inet6.1 will display only CE mesh group routes for platforms that support EVPN-MPLS or EVPN-VxLAN multicast. In earlier releases, other mesh groups like the VE mesh group were also displayed.

Viewing files with the file compare files command requires users to have maintenance permission — The file compare files command in Junos OS and Junos OS Evolved requires a user to have a login class with maintenance permission.

[See Login Classes Overview.]

XML output tags changed for request-commit-server-pause and request-commit-server-start (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, and vSRX)—We've changed the XML output for the request system commit server pause command (request-commit-server-pause RPC) and the request system commit server start command (request-commit-server-start RPC). The root element is commit-server-operation instead of commit-server-information, and the output tag is renamed to message.

Information about users editing system configuration — The show system configuration database status command displays information from the Junos OS configuration database that describes the users currently editing the system configuration.

[See Display Users Currently Editing the Configuration.]