Juniper JUNOS OS 10.4 Release note

Brand: Juniper

Model: JUNOS OS 10.4

Category: Networking

Type: Release note

This manual is also suitable for

JUNOS OS 10.4 - S REV 5

Junos

OS 10.4 Release Notes

Release 10.4R1

04 February 2011

Revision 5

These release notes accompany Release 10.4R1 of the Junos operating system (Junos

OS). They describe device documentation and known problems with the software. Junos

OS runs on all Juniper Networks M Series, MX Series, and T Series routing platforms, SRX

Series Services Gateways, J Series Services Routers, and EX Series Ethernet Switches.

You can also find these release notes on the Juniper Networks Junos OS Documentation

Web page, which is located at http://www.juniper.net/techpubs/software/junos.

Contents

Junos OS Release Notes for Juniper Networks M Series Multiservice Edge Routers,

MX Series Ethernet Service Routers, and T Series Core Routers . . . . . . . . . . . . 6

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series

Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Interfaces and Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Junos OS XML API and Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Layer 2 Ethernet Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

MPLS Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

MX Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Routing Policy and Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Services Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Subscriber Access Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Changes in Default Behavior and Syntax in Junos OS Release 10.4 for M

Series, MX Series, and T Series Routers . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Forwarding and Sampling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Interfaces and Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Junos OS XML API and Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

MPLS Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Platform and Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Services Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Subscriber Access Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

User Interface and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Issues in Junos OS Release 10.4 for M Series, MX Series, and T Series

Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Current Software Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Previous Releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Errata and Changes in Documentation for Junos OS Release 10.4 for M

Series, MX Series, and T Series Routers . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Changes to the Junos OS Documentation Set . . . . . . . . . . . . . . . . . . . . . 73

Errata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Upgrade and Downgrade Instructions for Junos OS Release 10.4 for M Series,

MX Series, and T Series Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Basic Procedure for Upgrading to Release 10.4 . . . . . . . . . . . . . . . . . . . . 78

Upgrading a Router with Redundant Routing Engines . . . . . . . . . . . . . . . 81

Upgrading Juniper Network Routers Running Draft-Rosen Multicast

VPN to Junos OS Release 10.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Upgrading the Software for a Routing Matrix . . . . . . . . . . . . . . . . . . . . . . 83

Upgrading Using ISSU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Upgrading from Junos OS Release 9.2 or Earlier on a Router Enabled

for Both PIM and NSR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Upgrade Policy for Junos OS Extended End-Of-Life Releases . . . . . . . . 85

Downgrade from Release 10.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Junos OS Release Notes for Juniper Networks SRX Series Services Gateways

and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

New Features in Junos OS Release 10.4 for SRX Series Services Gateways

and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Software Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Hardware Features—SRX210, SRX220, and SRX240 Services

Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Hardware Features—SRX220 Services Gateway with Power Over

Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

Hardware Features—SRX1400 Services Gateway . . . . . . . . . . . . . . . . . . 113

Hardware Features—SRX3400 and SRX3600 Services Gateways . . . . 116

Advertising Bandwidth for Neighbors on a Broadcast Link Support . . . . . . . . 117

Group VPN Interoperability with Cisco’s GET VPN . . . . . . . . . . . . . . . . . . . . . 117

Changes in Default Behavior and Syntax in Junos OS Release 10.4 for SRX

Series Services Gateways and J Series Services Routers . . . . . . . . . . . . . 118

Application Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Application Layer Gateways (ALGs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

AppSecure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Command-Line Interface (CLI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Dynamic VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Flow and Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Integrated Convergence Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Interfaces and Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

JUNOS OS 10.4 Release Notes

Intrusion Detection and Prevention (IDP) . . . . . . . . . . . . . . . . . . . . . . . . 127

J-Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128

Management and Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Multilink . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

Power over Ethernet (PoE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Virtual LANs (VLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Wireless LAN (WLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Unsupported CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Accounting-Options Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

AX411 Access Point Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Chassis Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Class-of-Service Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Ethernet-Switching Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Firewall Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Interfaces CLI Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Protocols Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Routing Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Services Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

SNMP Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

System Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

IPv6 and MVPN CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

Known Limitations in Junos OS Release 10.4 for SRX Series Services

Gateways and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . . . . . 142

AppSecure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

Chassis Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

Command-Line Interface (CLI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

DOCSIS Mini-PIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Dynamic Host Configuration Protocol (DHCP) . . . . . . . . . . . . . . . . . . . . 144

Dynamic VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Flow and Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Interfaces and Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Intrusion Detection and Prevention (IDP) . . . . . . . . . . . . . . . . . . . . . . . . 148

IPv6 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

J-Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

NetScreen-Remote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Network Address Translation (NAT) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Point-to-Point Protocol over Ethernet (PPPoE) . . . . . . . . . . . . . . . . . . . 150

Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Unified Threat Management (UTM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Wireless LAN (WLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Issues in Junos OS Release 10.4 for SRX Series Services Gateways and J

Series Services Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

Outstanding Issues In Junos OS Release 10.4 for SRX Series Services

Gateways and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . 152

Resolved Issues in Junos OS Release 10.4 for SRX Series Services

Gateways and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . 169

Errata and Changes in Documentation for Junos OS Release 10.4 for SRX

Series Services Gateways and J Series Services Routers . . . . . . . . . . . . 172

Changes to the Junos OS Documentation Set . . . . . . . . . . . . . . . . . . . . 172

Errata for the Junos OS Documentation . . . . . . . . . . . . . . . . . . . . . . . . . 173

Errata for the Junos OS Hardware Documentation . . . . . . . . . . . . . . . . . 179

Hardware Requirements for Junos OS Release 10.4 for SRX Series Services

Gateways and J Series Services Routers . . . . . . . . . . . . . . . . . . . . . . . . . 183

Transceiver Compatibility for SRX Series and J Series Devices . . . . . . . 183

Power and Heat Dissipation Requirements for J Series PIMs . . . . . . . . . 183

Supported Third-Party Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

J Series CompactFlash and Memory Requirements . . . . . . . . . . . . . . . . 184

Maximizing ALG Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Integrated Convergence Services Not Supported . . . . . . . . . . . . . . . . . . . . . 185

Upgrade and Downgrade Instructions for Junos OS Release 10.4 for SRX

Series Services Gateways and J Series Services Routers . . . . . . . . . . . . 186

Upgrade Policy for Junos OS Extended End-Of-Life Releases . . . . . . . . 186

Junos OS Release Notes for EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . 187

New Features in Junos OS Release 10.4 for EX Series Switches . . . . . . . . . . 187

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187

Bridging, VLANs, and Spanning Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Class of Service (CoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Fibre Channel over Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Management and RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Packet Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Changes in Default Behavior and Syntax in Junos OS Release 10.4 for EX

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Bridging, VLANs, and Spanning Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Limitations in Junos OS Release 10.4 for EX Series Switches . . . . . . . . . . . . 190

Access Control and Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

Bridging, VLANs, and Spanning Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Ethernet Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

Spanning Tree Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

JUNOS OS 10.4 Release Notes

Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

Outstanding Issues in Junos OS Release 10.4 for EX Series Switches . . . . . . 195

Access Control and Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Bridging, VLANs, and Spanning Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Ethernet Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196

Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196

J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196

Layer 2 and Layer 3 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

Management and RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Resolved Issues in Junos OS Release 10.4 for EX Series Switches . . . . . . . . 199

Access Control and Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Ethernet Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201

J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

Layer 2 and Layer 3 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Management and RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Errata in Documentation for Junos OS Release 10.4 for EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

Upgrade and Downgrade Instructions for Junos OS Release 10.4 for EX

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

Upgrading Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

Upgrade Policy for Junos OS Extended End-Of-Life Releases . . . . . . . 205

Upgrading or Downgrading from Junos OS Release 9.4R1 for EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Upgrading from Junos OS Release 9.3R1 to Release 10.4 for EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Junos OS Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Junos OS Release Notes for Juniper Networks M Series Multiservice Edge Routers, MX

Series Ethernet Service Routers, and T Series Core Routers

•

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series

Routers on page 6

•

Changes in Default Behavior and Syntax in Junos OS Release 10.4 for M Series, MX

Series, and T Series Routers on page 39

•

Issues in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers on page 51

•

Errata and Changes in Documentation for Junos OS Release 10.4 for M Series, MX

Series, and T Series Routers on page 73

•

Upgrade and Downgrade Instructions for Junos OS Release 10.4 for M Series, MX Series,

and T Series Routers on page 78

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

The following features have been added to Junos OS Release 10.4. Following the

description is the title of the manual or manuals to consult for further information.

Class of Service

•

Hierarchical policer functionality extended to Modular Interface Cards (MICs) (MX

Series routers)—Provides hierarchical policer feature parity with Enhanced Intelligent

Queuing (IQE) PICs. This is useful in provider edge applications using aggregate policing

for general traffic and when applying a separate policer for premium traffic on a logical

or physical interface.

Hierarchical policing on MICs supports the following features:

•

Ingress traffic is first classified into premium and non-premium traffic before a policer

is applied.

•

The hierarchical policer contains two policers: premium and aggregate.

Premium traffic is policed by both the premium policer and the aggregate policer. While

the premium policer rate-limits premium traffic, the aggregate policer only decrements

the credits but does not drop packets. Non-premium traffic is rate-limited by the

aggregate policer only, resulting in the following behavior:

•

Premium traffic is assured to have the bandwidth configured for the premium policer.

•

Non-premium traffic is policed to the specified rate limit.

For a list of supported MICs, refer to:

http://www.juniper.net/techpubs/en_US/release-independent/junos/topics/reference/

general/mic-mx-series-supported.html.

The logical-interface-policer and physical-interface-policer statements provide additional

hierarchical policer parameters beyond those of the IQE PICs.

You can apply the policer at the inet, inet6, or mpls family level, as follows:

[edit interfaces ge-0/1/0 unit 0 family (inet | inet6 | mpls)]

input-hierarchical-policer Test-HP;

JUNOS OS 10.4 Release Notes

By making a hierarchical policer a logical-interface-policer, you can achieve aggregation

within a logical interface. A hierarchical policer configured as a physical-interface-policer

supports aggregation within a physical interface. Please note that you still apply the

hierarchical policer at the interface and traffic of the families that do not have the

hierarchical policer will be policer. This is different from IQE PICs, where you apply a

hierarchical policer at the logical or physical interface.

For hierarchical policing of all traffic through a logical interface, a hierarchical policer

can be made a logical-interface-policer and applied to all families in the logical interface.

Similarly, you can achieve aggregation at the physical interface level.

[Network Interfaces, Class of Service, Policy]

•

DSCP classification for VPLS at the ingress PE (M320 with Enhanced Type III FPC

and M120)—Enables you to configure DSCP classification for VPLS at an ingress PE

for encapsulation types vlan-vpls (IQ2 or IQ2E PICs) or ATM II IQ PIC. To configure,

define the DSCP classifier at the [edit class-of-service classifiers dscp dscp-name]

hierarchy level and apply the DSCP classifier at the [edit interfaces at-fpc-pic-port

unit-logical-unit-number classifiers] hierarchy level. The ATM interface must be included

in the routing instance.

[Class of Service]

Interfaces and Chassis

•

Extend support for 64-bit Junos OS to include RE-1800 Series Routing Engines

(M120, M320, MX960, MX480, and MX240 routers)—Supported Routing Engines

include:

•

RE-1800x2-A—Supports 64-bit Junos OS on M120 and M320 routers.

•

RE-1800x2-S—Supports 64-bit Junos OS on MX240, MX480, and MX960 routers.

•

RE-1800x4-S—Supports 64-bit Junos OS on MX240, MX480, and MX960 routers.

[System Basics]

•

Ethernet encapsulation for ATM scheduler (M7i, M10i, M120, and M320 [with

Enhanced III FPC] routers)—Enables support for the configuration of an ATM scheduler

map on an Ethernet VPLS over a bridged ATM interface.

[Network Interfaces]

•

Synchronous Ethernet (SyncE) on MX80 routers and MX Series routers with

MPCs—Supports the Ethernet synchronization messaging channel (ESMC), G.8264-like

clock selection mechanism, and external clocking on MX80 routers and MX Series

routers with MPCs. Wireless backhaul and wireline transport services are the primary

applications for these features.

The following features are supported:

•

On MX80 routers and MX Series routers, MPCs based on G.8261 and G.8262. This

feature does not work on the fixed configuration version of the MX80 routers.

•

All Ethernet type ports are supported on MX80 routers and MX Series routers with

MPCs

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

•

ESMC support as per G.8264

•

CLI command selection of clock sources

•

Monitoring clock sources (maximum of two clock sources can be monitored

simultaneously)

•

Revertive and nonrevertive modes

To configure SyncE, include the synchronization statement and its substatements at

the [edit chassis] hierarchy level.

[Network Interfaces, Interfaces Command Reference]

•

Enhanced container interface allows ATM children for containers—M Series and T

Series routers with ATM2 PICs automatically copy the parent container interface

configuration to the children interfaces. Container interfaces do not go down during

APS switchovers, thereby shielding upper layers. This feature allows the various ATM

features to work over the container ATM for APS.

To specify ATM children within a container interface, use the container-list cin statement

and (primary | standby) option at the [edit interface at-fpc/pic/slot container] hierarchy

level.

To configure a container interface, including its children, use the cin statement and its

options at the [edit interface ci-n] hierarchy level.

Container ATM APS does not support inter-chassis APS. MLPPP over ATM CI is also

not supported.

[Network Interfaces]

•

Signaling neighboring routers of fabric down on T1600 and T640 routers—The

signaling of neighboring routers is supported when a T640 or T1600 router is unable

to carry traffic due to all fabric planes being taken offline for one of the following

reasons:

•

CLI or offline button pressed

•

Automatically taken offline by the SPMB due to high temperature.

•

PIO errors and voltage errors detected by the SPMB CPU to the SIBs.

The following scenarios are not supported by this feature:

•

All PFEs get destination errors on all planes to all destinations, even with the SIBs

staying online.

•

Complete fabric loss caused by destination timeouts, with the SIBs still online.

When chassisd detects that all fabric planes are down, the router reboots all FPCs in

the system. When the FPCs come back up, the interfaces will not be created again,

since all fabric planes are down.

Once you diagnose and fix the cause of all fabric planes going down, you must then

bring the SIBs back online. Bringing the SIBs back online brings up the interfaces.

JUNOS OS 10.4 Release Notes

Fabric down signaling to neighboring routers offers the following benefits:

•

FPCs reboot when the control plane connection to the Routing Engine times out.

•

Extends a simple approach to reboot FPCs when the dataplane blacks out.

When the router transitions from a state where SIBs are online or spare to a state where

there are no SIBs are online, then all the FPCs in the system are rebooted. An ERRMSG

indicates if all fabric planes are down, and the FPCs will reboot if any fabric planes do

not come up in 2 minutes.

An ERRMSG indicates the reason for FPC reboot on fabric connectivity loss.

The chassisd daemon traces when an FPC comes online, but a PIC attach is not done

because no fabric plane is present.

A CLI warning that the FPCs will reboot is issued when the last fabric plane is taken

offline.

You will need to bring the SIBs online after determining why the SIBs were not online.

When the first SIB goes online, and link training with the FPCs completes, the interfaces

will be created.

Fabric down signaling to neighboring routers functionality is available by default, and

no user configuration is required to enable it.

No new CLI commands or alarms are introduced for this feature. Alarms are already

implemented for when the SIBs are not online.

[Network Interfaces, System Basics]

•

New enterprise-specific MIB to support digital optical monitoring (MX960, MX480,

MX240, and 10-Gigabit Ethernet LAN/WAN PIC with XFP on T640 and T1600

routers)—Junos OS Release 10.4 introduces JUNIPER-DOM-MIB, a new

enterprise-specific MIB to extend MIB support for digital optical monitoring.

JUNIPER-DOM-MIB supports the SNMP Get request for statistics and SNMP Trap

notifications for alarms.

JUNIPER-DOM-MIB is part of the JUNIPER-SMI MIB hierarchy level.

The following MIB objects are supported by JUNIPER-DOM-MIB for digital optical

monitoring:

•

jnxDomCurrentTable

•

jnxDomAlarmSet

•

jnxDomAlarmCleared

[SNMP MIBs and Traps Reference]

•

Transition of IPv4 traffic to IPv6 addresses using Dual Stack Lite (DS-Lite)—Adds

support for DS-Lite, a means for transitioning IPv4 traffic to IPv6 addresses. This

transition will become necessary as the supply of unique IPv4 addresses nears

exhaustion. New subscriber homes are allocated IPv6 addresses and IPv6-capable

equipment; DS-Lite provides a method for the private IPv4 addresses behind the IPv6

equipment to reach the IPv4 network. An IPv4 host communicates with a NAT endpoint

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

over an IPv6 network using softwires. DS-Lite creates the IPv6 softwires that terminate

on the services PIC. Packets coming out of the softwire can then have other services

such as NAT applied on them.

[Services Interface, System Basics and Services Command Reference]

•

Support for SONET/SDH OC48/STM16 Enhanced IQ (IQE) PIC with SFP (M320,

MX240, MX480, MX960, T640 and T1600 routers)Supports a 4-port SONET/SDH

OC48 Enhanced IQ (IQE) PIC (Type 3) with per data-link connection identifier (DLCI)

queuing. Supported FPCs include T640-FPC3-ES, M320-FPC3-E3, and MX-FPC3.

Class of service (CoS) enables enhanced egress queuing, buffering, and traffic shaping.

CoS supports eight queues per logical interface, a per-unit scheduler, and two shaping

rates: a Committed Information Rate (CIR) and Peak Information Rate (PIR) per

data-link connection identifier (DLCI). Other CoS features include, but are not restricted

to, sharing of excess bandwidth among logical interfaces, five levels of priorities

(including Strict High), ingress behavior aggregate (BA) classification, queue rate-limit

policer, ingress rewrite, egress rewrite, and a forwarding class to queue remapping per

DLCI.

The SONET/SDH OC48/STM 16 PIC supports CoS features similar to those in IQ2E

PICs, in terms of behavior and configuration statements. This PIC supports the following

Layer 2 protocols: PPP, Frame Relay, and Cisco HDLC encapsulations.

For more information, see the PC-4OC48-STM16-IQE-SFP documentation for your

router:

•

SONET/SDH OC48/STM16 Enhanced IQ (IQE) PIC with SFP (T1600 Router)

•

SONET/SDH OC48/STM16 Enhanced IQ (IQE) PIC with SFP (T640 Router)

•

SONET/SDH OC48/STM16 Enhanced IQ (IQE) PIC with SFP (MX Series Routers)

•

SONET/SDH OC48/STM16 Enhanced IQ (IQE) PIC with SFP (M320 Router)

[PIC Guide, Network Interfaces, Class of Service]

•

IPv6 statistics from IQ2 and IQ2E PICs on M320 routers with Enhanced III FPCs and

T Series routers—Support statistical accounting for IPv6 traffic traversing the IQ2 and

IQ2E PICs on M320 routers with Enhanced III FPCs and T Series routers.

For IQ2 and IQ2E PIC interfaces, the IPv6 traffic that is reported will be the total statistics

(sum of local and transit IPv6 traffic) in the ingress and egress direction. The IPv6

traffic in the ingress direction will be accounted separately only if the IPv6 family is

configured for the logical interface.

Statistics are maintained for routed IPv6 packets in the egress direction.

Byte and packet counters are maintained in the ingress and egress direction.

Differences in IPv6 statistics for IQ2 interfaces and all other interfaces are as follows:

•

IQ2 and IQ2E PIC interfaces report the total statistics for the IPv6 traffic. For other

interfaces, the transit statistics are reported.

•

IQ2 and IQ2E PIC interfaces report all IPv6 traffic received on the logical interface.

For all other interfaces, only the routed traffic is accounted.

JUNOS OS 10.4 Release Notes

•

IQ2 and IQ2E PIC interfaces report IPv6 statistics for the Layer 2 frame size. For all

other interfaces, the Layer 3 packet size is accounted.

The IPv6 statistics can be viewed by logging in to the individual IQ2 PIC or IQ2E PIC, or

by using the CLI.

Local statistics are not accounted separately.

To display total IPv6 statistics for IQ2 and IQ2E PICs, use the show interfaces extensive

command.

NOTE: The reported IPv6 statistics do not account for the traffic manager

drops in egress direction or the Packet Forwarding Engine/traffic manager

drops in the ingress direction. Transit statistics are not accounted separately

because the IQ2 and IQ2E PICs cannot differentiate between transit and

local statistics.

[Network Interfaces]

•

100-Gigabit Ethernet PIC interoperability with VLAN steering—Supports

interoperability with similar PICs from other vendors using a VLAN steering forwarding

option. Previously, the PICs required interconnection to the same model PIC.

Interoperability with interfaces from other vendors was not supported. Junos OS Release

10.4 introduces a new VLAN steering algorithm to configure 100-Gigabit Ethernet PIC

interoperation with similar interfaces from other vendors.

Two packet forwarding modes exist under the forwarding-mode statement. SA multicast

mode, for proprietary connection of two Juniper Networks 100-Gigabit Ethernet PICs,

uses the Ethernet header SA MAC address multicast bit to steer the packets to the

appropriate PFE. VLAN steering mode allows the PIC to connect to non-Juniper

Networks equipment. On ingress, the PIC compares the outer VLAN ID against a

user-defined VLAN ID and VLAN mask combination and steers the packet accordingly.

Modifying the forwarding mode config reboots the PIC.

VLAN steering overview:

•

In VLAN steering mode, the SA multicast bit is not used for packet steering.

•

In SA multicast bit steering mode, VLAN ID and VLAN mask configuration is not used

for packet steering.

•

Configuration of packet forwarding mode and VLAN steering mode uses CLI

commands that result in a PIC reboot.

•

There are three tag types for ingress packets:

•

Untagged ingress packet–The packet is sent to PFE1.

•

Ingress packet with one VLAN–The packet forwards based on the VLAN ID.

•

Ingress packet with two VLANs–The packet forwards based on the outer VLAN

ID.

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

•

VLAN rules describe how the router forwards packets. For VLAN steering, you must

use one of the two rules available in the CLI:

•

Odd-even rule–Odd number VLAN IDs go to PFE1; even number VLAN IDs go to

PFE0.

•

High-low rule–1 through 2047 VLAN IDs go to PFE0; 2048 through 4096 VLAN

IDs go to PFE1.

•

When configured in VLAN steering mode, the PIC can be configured in two physical

interface mode or in aggregated Ethernet (AE) mode:

•

Two physical interface mode–When the PIC is in two physical interface mode, it

creates physical interfaces et-x/0/0:0 and et-x/0/0:1. Each physical interface can

configure its own logical interface and VLAN. CLI enforces the following restrictions

on commit:

•

The VLAN ID configuration must comply with the selected VLAN rule.

•

The previous restriction implies that the same VLAN ID cannot be configured

on both physical interfaces.

•

AE mode–In AE mode, the two physical interfaces on the same PIC are aggregated

into one AE physical interface. PIC egress traffic is based on the AE internal hash

algorithm. PIC ingress traffic steering is based on the customized VLAN ID rule. CLI

enforces the following restrictions on commit:

•

The PIC AE working in VLAN steering mode includes both links of this PIC, and

only the links of this PIC.

•

The PIC AE working in SA multicast steering mode can include more than one

PIC to achieve more than 100-gigabit capacity.

To configure the PIC forwarding mode, include the forwarding-mode statement and

its options at the [edit chassis fpc number pic number] hierarchy level.

[Network Interfaces]

•

New control queue disable feature (T Series routers with 10-Gigabit Ethernet PIC

with oversubscription)—Provides a new CLI statement for disabling the control queue

feature for the 10-Gigabit Ethernet PIC with oversubscription. To disable the control

queue, use the no-pre-classifier statement at the [chassis] hierarchy level.

When the no-pre-classifier statement is set, the control queue feature will be disabled

for all ports on that 10-Gigabit Ethernet PIC with oversubscription. Deleting this

configuration results in the control queue feature being re-enabled on all the ports of

that PIC.

[edit chassis]

fpc 2 {

pic 0 {

no-pre-classifier;

}

JUNOS OS 10.4 Release Notes

NOTE:

1. This feature is applicable in both oversubscribed and line-rate modes.

2. The control queue feature is enabled by default in both oversubscribed

and line-rate modes, which can be overridden by the user configuration.

3. CLI show commands remain unchanged. When the control queue is

disabled, various show queue commands continue to show the control

queue in the output. However, all control queue counters are reported

as zeros.

4. Enabling or disabling the control queue feature results in the PIC being

bounced (offline/online).

Once the control queue feature is disabled, then the Layer 2 and Layer 3 control packets

are subject to queue selection based on the BA classification. However, the following

control protocol packets are not classified using BA classification, as they might not

have a VLAN, MPLS, or IP header:

•

Untagged ARP packets

•

Untagged Layer 2 control packets such as LACP or Ethernet OAM

•

Untagged IS-IS packets

When the control queue feature is disabled, untagged ARP/IS-IS and other untagged

Layer 2 control packets will go to the restricted queue corresponding to the forwarding

class associated with queue 0.

[Network Interfaces]

Junos OS XML API and Scripting

New Junos OS XML API operational request tag elements—Table 1 on page 13 shows

the Junos OS Extensible Markup Language (XML) operational request tag elements that

are new in Junos OS Release 10.4 along with the corresponding CLI command and

response tag element for each one.

Table 1: Junos OS XML Tag Elements and CLI Command Equivalents New in Junos OS Release

10.4

Response Tag ElementCLI CommandRequest Tag Element

NONErequest dhcpv6 server reconfigure<request-

dhcpv6-server-

reconfigure-information>request_dhcpv6_

server_reconfigure_information

NONErequest system license update<request-license-update>

request_license_update

NONErequest system software nonstop-upgrade<request-package-nonstop-upgrade>

request_package_nonstop_upgrade

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

Table 1: Junos OS XML Tag Elements and CLI Command Equivalents New in Junos OS Release

10.4 (continued)

Response Tag ElementCLI CommandRequest Tag Element

<amt-instance-statistics>show amt statistics<get-amt-statistics> get_amt_statistics

<amt-summary>show amt summary<get-amt-summary> get_amt_summary

<amt-tunnel-information>show amt tunnel<get-amt-tunnel-information>

get_amt_tunnel_information

<rps-chassis-information>show chassis redundant-power-supply<get-rps-chassis-information>

get_rps_chassis_information

NONEshow chassis routing-engine bios<get-bios-version-information>

get_bios_version_information

<cos-congestion-notification-information>show class-of-service congestion-notification<get-cos-

congestion-

notification-

information>

get_cos_congestion_notification_information

<firewall-information>show firewall filter version<get-firewall-log-information>

get_firewall_log_information

<ingress-replication-information>show ingress-replication<get-interface-information>

get_interface_information

<isis-context-identifier- information>show isis context-identifier<get-isis-context-

identifier-origin-

information> get_isis_context_

identifier_origin_information

<isis-context-identifier-origin-information>show isis context-identifier identifier<get-isis-database-information>

get_isis_database_information

<mpls-context-identifier- information>show mpls context-identifier<get-mpls-cspf-information>

get_mpls_cspf_information

<domain-map-statistics>show network-access domain-map statistics<get-authentication-pending-table>

get_authentication_pending_table

<ospf-context-id-information>show ospf context-identifier<get-ospf-database-information>

get_ospf_database_information

<rps-led-information>show redundant-power-supply led<get-rps-power-supply-information>

get_rps_power_supply_information

<rps-power-supply-information>showredundant-power-supplypower-supply<get-rps-status-information>

get_rps_status_information

JUNOS OS 10.4 Release Notes

Table 1: Junos OS XML Tag Elements and CLI Command Equivalents New in Junos OS Release

10.4 (continued)

Response Tag ElementCLI CommandRequest Tag Element

<rps-status-information>show redundant-power-supply status<get-rps-version-information>

get_rps_version_information

<rps-version-information>show redundant-power-supply version<get-rip-general-statistics-information>

get_rip_general_statistics_information

<idp-policy-commit-status>show security idp policy-commit-status<get-idp-policy-template- information>

get_idp_policy_template_information

<bsg-charging-statistics>show services border-signaling-gateway

charging statistics

<get-service-border-signaling-

gateway-charging-status>

get_service_border_signaling_

gateway_charging_status

<bsg-charging-status>show services border-signaling-gateway

charging status

<get-service-bsg-denied-messages>

get_service_bsg_denied_messages

<service-l2tp-destination- information>show services l2tp destination<get-services-l2tp-radius-

accounting-statistics-information>

get_services_l2tp_radius_acco

unting_statistics_information

<msp-session-table>show services sessions<get-service-softwire-statistics-information>

get_service_softwire_statistics

_information

<service-softwire-table- information>show services softwire<get_service_sfw_

conversation_

information>

get_service_sfw_conversation

_information

<service-fwnat-flow-table-

information>

show services softwire flows<get_service_

sfw_flow_analysis_

information>

get_service_sfw_flow_analysi

s_information

<service-softwire-statistics-information>show services softwire statistics<get_service_sfw_

flow_table_information>

get_service_sfw_flow_table_i nformation

<service-sfw-flow-analysis-information>show services stateful-firewall flow-analysis<get_service_sfw_sip_register-

information>

get_service_sfw_sip_register_i nformation

<clock-synchronization- statistics>show synchronous-ethernet esmc statistics<get_synchronous_ethernet_esmc-statistics>

get_synchronous_ethernet_esmc-statistics

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

Table 1: Junos OS XML Tag Elements and CLI Command Equivalents New in Junos OS Release

10.4 (continued)

Response Tag ElementCLI CommandRequest Tag Element

<clock-synchronization-

esmc-transmit>

show synchronous-ethernet esmc transmit<get_synchronous_ethernet_esmc_transmit>

get_synchronous_ethernet_esmc_transmit

NONEshow synchronous-ethernet

global-information

<get_synchronous_ethernet_global_information>

get_-synchronous_ethernet_global_information

<relay-group-information>show system relay group<get_system_resource_cleanup_

processes_information>

get_system_resource_cleanup_

processes_information

<relay-group-member>show system relay member<get_rollback_information>

get_rollback_information

<relay-summary>show system relay summary<get_dhcp_binding_information>

get_dhcp_binding_information

<clock-synchronization-

clear-output>

clear synchronous-

ethernet esmc

statistics

<clear_synchronous_

ethernet_esmc_

statistics>clear_synchronous_

ethernet_e smc_

statistics

Layer 2 Ethernet Services

•

Feature support for Trio 3D MPCs and MICs (MX Series routers)—Enables you to

configure the following features through Junos OS Release 9.1: load balancing, Ethernet

OAM IEEE 802.1ag Phase 4 MIP support, LLDP, BPDU guard and loop guard, IRB support

for interworking of LDP-VPLS and BGP-VPLS, BGP multihoming for Inter-AS VPLS,

VPLS Ethernet as a core-facing interface, and limitations on next-hop flooding.

[Layer 2 Configuration]

•

Ethernet CFM support on Trio 3D MPCs and MICs (MX Series routers)—Enables

support for Ethernet connectivity fault management (CFM) defined by IEEE 802.1ag

for family bridge interfaces. However, MEP configuration is not supported on aggregated

Ethernet interfaces.

[Layer 2 Configuration]

MPLS Applications

•

MPLS support on services PICs—Adds MPLS label pop support for services PICs on

Junos OS routers. Previously all MPLS traffic would be dropped at the services PIC. No

changes are required to CLI configurations for this enhancement. In-service software

upgrade (unified ISSU) is supported for tag next hops for MPLS on services PIC traffic,

but no support is provided for tags over IPv6 packets or labels on multiple gateways.

[MPLS]

JUNOS OS 10.4 Release Notes

•

Adding descriptions for bypass LSP—You can now add a text describing a bypass

LSP using the description option at the [edit protocols rsvp interface interface-name

link-protection bypass bypass-lsp-name] hierarchy level. Enclose any descriptive text

that includes spaces in quotation marks (" "). Any descriptive text you include is

displayed in the output of the show rsvp session bypass command and has no effect

on the operation of the bypass LSP.

[MPLS]

Multicast

•

Nonstop active routing PIM support for IPv6—Starting with Release 10.4, Junos OS

extends the nonstop active routing support for Protocol Independent Multicast (PIM),

which is already supported on IPv4, to include the IPv6 address families. The extension

of nonstop active routing PIM support to IPv6 enables IPv6 routers to maintain

self-generation IDs, multicast session states, dynamic interface states, list of neighbors,

and RPSets across Routing Engine switchovers.

The nonstop active routing support for PIM on IPv6 is similar to the nonstop active

routing PIM support on IPv4 except for the following:

•

Nonstop active routing support for PIM on IPv6 supports an embedded rendezvous

point (RP) on non-RP routers.

•

Nonstop active routing support for PIM on IPv6 does not support auto-RP, as auto-RP

is not supported on IPv6.

For more information about nonstop active routing PIM support on IPv4 and IPv6, see

the Junos OS High Availability Configuration Guide.

[High Availability, Multicast]

MX Series

•

Support for MX Series—While these features have been available on the MX Series

routers in the past, we have now qualified the following features on the Trio chipset.

For MPLS, RSVP, and LDP:

•

BFD session failure action for LDP LSPs (including ECMP)

•

RSVP Graceful Restart interop with Cisco using Nodal Hello support

•

Failure action on BFD session down of RSVP LSPs in JUNOS

•

RSVP transit

•

L3VPN testing using RSVP

•

NSR: RSVP ingress

•

BFD via LDP

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

For Multicast:

•

OSPF

•

OSPF Database Protection

•

RFC 4136 OSPF Refresh and Flooding Reduction in Stable Topologies

•

PIM SSM in provider space (Draft-Rosen 7)

•

NG MVPN - PIM-SSM I-PMSI and deployment scenario testing

•

MVPN C-PIM in plain ASM mode

•

NGEN MVPN hub and spoke support with GRE S-PMSI transport

•

PIM Join suppression support

•

Translating PIM states to IGMP/MLD messages

•

Disable PIM for IPv6 via CLI

•

IPv6 multicast support over L3VPNs

•

PIM neighbor should be maintained wherever possible

•

Data MDT SAFI (draft-rosen-l3vpn-mvpn-profiles)

•

Inter-provider Option A support with Rosen 7

•

Rosen 7 interoperability with Cisco IOS

For VPNs:

•

VPLS: Configurable label block size (min 2)

•

Interoperate LDP-VPLS and BGP-VPLS with FEC 128

•

LDP-VPLS

•

Interprovider VPLS Option "E": EBGP redistribution of labeled routes

Miscellaneous:

•

Support to commit configuration from op/event scripts

•

Per PFE per packet load balancing

•

Next Hop Handling Enhancements (Phase 3)

•

Support local-as alias hidden command

•

MIB Enhancements for Manual Bypass Tunnel Management

•

ISIS LFA

•

Improve IGMPv3 performance using bulk updates

JUNOS OS 10.4 Release Notes

•

Improve IGMPv3 performance using bulk updates - with snooping

•

Allow ASM group override of SSM ranges

Routing Policy and Firewall Filters

•

New routing policy system log message—Junos OS Release 10.3 supports a new

routing policy system log message. The RPD_PLCY_CFG_NH_NETMASK system log

message provides information about ignored netmasks. If you have a policy statement

with a term that contains a next-hop address with a netmask, the netmask is ignored.

The following sample shows the new system log message (depending on your network

configuration, the type of message you see might be different):

Jun 18 11:22:43 pro5-d rpd[1403]: RPD_PLCY_CFG_NH_NETMASK: Netmask ignored for

next hop: 10.0.0.1/24.

[System Log Messages Reference]

•

Support for displaying the firewall filter version information—You can display the

version number of the firewall filter installed in the Routing Engine. The initial version

number is 1 and increments by one when you modify the firewall filter settings or an

associated prefix action. To show the version number of the installed firewall filter,

use the show firewall filter version operational mode command.

[Routing Protocols and Policies Command Reference]

Routing Protocols

•

Point-to-multipoint (P2MP) LSP load balancing across aggregated Ethernet links

(M Series except M320)—Enables you to load-balance VPLS multicast and P2MP

multicast traffic over link aggregation. This feature also re-load-balances traffic after

a change in the next-hop topology. Next-hop topology changes might include but are

not limited to:

•

Layer 2 membership change in the link aggregation

•

Indirect next-hop change

•

Composite next-hop change

No new configuration is required to configure this feature. The load balancing over

aggregated links is automatically enabled with this release. For a sample topology and

configuration example, see Junos OS Policy Framework Configuration Guide.

[Policy]

•

Support for disabling traps for passive OSPFv2 interfaces—You can now disable

interface state change traps for passive OSPF interfaces. Passive OSPF interfaces

advertise address information as an internal OSPF route, but do not run the actual

protocol. If you are only interested in receiving notifications for active OSPF interfaces,

disabling traps for passive OSPF interfaces reduces the number of notifications received

and processed by the SNMP server. This allows you to more quickly and easily scan

the logs for potential issues on active OSPF interfaces.

To disable and stop receiving notifications for state changes in a passive OSPF interface,

include the no-interface-state-traps statement at the following hierarchy levels:

New Features in Junos OS Release 10.4 for M Series, MX Series, and T Series Routers

•

[edit logical-systems logical-system-name protocols ospf area area-id interface

interface-name]

•

[edit logical-systems logical-system-name routing-instances routing-instance-name

protocols ospf area area-id interface interface-name]

•

[edit protocols ospf area area-id interface interface-name]

•

[edit routing-instances routing-instance-name protocols ospf area area-id interface

interface-name]

[Routing Protocols]

•

Behavior change for BGP-independent AS domains—Independent domains use the

transitive path attribute 128 (attribute set) messages to tunnel the independent

domain’s BGP attributes through the internal BGP (IBGP) core. In Junos OS Release

10.3 and later, if you have not configured an independent domain in any routing instance,

BGP treats the received attribute 128 message as an unknown attribute. The AS path

field in the show route command has been updated to display an unrecognized attribute

and associated hexadecimal value if you have not configured an independent domain.

The following is a sample output of the AS path field (depending on your network

configuration, the output might be different):

AS path: [12345] I Unrecognized Attributes: 40 bytes

AS path: Attr flags e0 code 80: 00 09 eb 1a 40 01 01 00 40 02 08 02 03 fd e9 fd e9 01

2d 40 05 04 00 00 00 64 c0

[Routing Protocols]

•

Support for disabling the attribute set messages on independent AS domains for

BGP loop detection—BGP loop detection for a specific route uses the local autonomous

system (AS) domain for the routing instance. By default, all routing instances belong

to a single primary routing instance domain. Therefore, BGP loop detection uses the

local ASs configured on all of the routing instances. Depending on your network

configuration, this default behavior can cause routes to be looped and hidden.

To limit the local ASs in the primary routing instance, configure an independent AS

domain for a routing instance. Independent domains use the transitive path attribute

128 (attribute set) messages to tunnel the independent domain’s BGP attributes

through the internal BGP (IBGP) core. If you want to configure independent domains

to maintain the independence of local ASs in the routing instance and perform BGP

loop detection only for the specified local ASs in the routing instance, disable attribute

set messages on the independent domain. To disable attribute set messages, include

the independent-domain no-attrset statement at the following hierarchy levels:

•

[edit logical-systems logical-system-name routing-instances routing-instance-name

routing-options autonomous-system autonomous-system]

•

[edit routing-instances routing-instance-name routing-options autonomous-system

autonomous-system]

[Routing Protocols]

JUNOS OS 10.4 Release Notes

Page is loading ...

Juniper JUNOS OS 10.4 Release note

Brand: Juniper

Model: JUNOS OS 10.4

Category: Networking

Type: Release note

This manual is also suitable for

JUNOS OS 10.4 - S REV 5

Download PDF

report

Juniper JUNOS OS 10.4 Release note

This manual is also suitable for

Juniper JUNOS OS 10.4 Release note

Related papers

Other documents