Documente Academic
Documente Profesional
Documente Cultură
Junos OS Features
Release
18.4R1
Local authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Support for password change policy enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Chassis management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Chassis management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
RFC 2544-based benchmarking tests for Layer 2 and Layer 3 Ethernet services . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Ethernet loopback support for RFC 2544-based benchmarking test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
RFC 2544-based benchmarking tests for Layer 2 and Layer 3 Ethernet services . . . . . . . . . . . . . . . . . . . . . . . . . 8
Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Behavior aggregate (BA) Classifiers: 802.1p . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Behavior aggregate (BA) Classifiers: DSCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Behavior aggregate (BA) Classifiers: DSCP IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Behavior aggregate (BA) Classifiers: EXP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Behavior aggregate (BA) Classifiers: IEEE 802.1ad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Experimental (EXP) bits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Fixed classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Physical interface-based classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
CoS on Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
CoS for PPP and MLPPP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Eight queues per port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
TDM and ATM class-of-service (CoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Congestion Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Weighted random early detection (WRED) tail-drop profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Forwarding classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Up to 8 forwarding classes with one-to-one mapping to output queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
802.1p Rewrite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
DSCP IPv6 rewrite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Differentiated Services Code Point (DSCP) rewrite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
EXP rewriting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Rewrite MPLS and DSCP to different values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Configuring the shared buffer size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Internal buffer of 2 MB with per-egress queue buffer management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Scheduling with two different priorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Port shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Host protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Host protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Q-in-Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Q-in-Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Forwarding Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Exception handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Exception handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
IP fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
IP fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Local port mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
IPv6 specific . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Dual Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Dynamic routes distribution through IS-IS and OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
IPv6 VPN Provider Edge Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
IPv6 forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
IPv6 over MPLS (6PE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
IPv6 over generic routing encapsulation (GRE) tunnels using IPv4 transport—de-encapsulation support . . . . . . . 24
IPv6 over generic routing encapsulation (GRE) tunnels using IPv4 transport—encapsulation support . . . . . . . . . 24
IPv6 static routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Layer 3 VPNs for IPv4 and IPv6 address families . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Path MTU Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
ATM Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
ATM OAM F4 and F5 cells . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
ATM PWE3 control word . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
ATM PWE3 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
ATM PWE3 via dynamic labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
ATM VPI/VCI Swapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
ATM idle/unassigned cell suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
ATM policing and shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
ATM service categories (CBR, nrt-VBR, UBR) to the UNI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
ATM support for N to 1 PW Promiscuous mode: 1 PW per port and 1 PW per VPI . . . . . . . . . . . . . . . . . . . . . 28
ATM time-division multiplexing (TDM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Inverse Multiplexing for ATM (IMA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
RFC4717: S6.3 – ATM AAL5 SDU encap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
BERT algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
BERT algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
E1/T1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
T1 and E1 interfaces time-division multiplexing (TDM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
T1/E1 channelization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Inverse Multiplexing for ATM (IMA) Layer 2 encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
MLPPP encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Point-to-Point Protocol (PPP) encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Ethernet OAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
OAM with Layer 2 bridging as a transport mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Local loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Local loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Logical tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Logical tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Loopback interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Loopback interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Other Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
AAL5 SDU [n-to-1 cell relay] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Cell concatenation (1 to 30 cells per packet) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Denied packets counter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Early Packet Discard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Event handling of SFP insertion and removal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Explicit disabling of the physical interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Input policing per VC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
MAP ATM service categories to PW EXP bits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
PIM and IGMP in global domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Packet/byte counters per VP and VC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Remote fault notification for 10-Gigabit Ethernet interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
VC output shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Static LSPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Static LSPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Traffic engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Diffserv traffic engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Path Computation Element Protocol for RSVP-TE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Traffic engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Drop packet statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Interface Passive-monitor-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Interface byte and packet statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Interface queue statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Statistics collection and handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
NETCONF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Adding non-native YANG modules to the Junos OS schema . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Configuring the ephemeral database using the NETCONF and Junos OS XML protocols . . . . . . . . . . . . . . . . . 53
Device family and release in Junos OS YANG modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Multiple, smaller configuration YANG modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
YANG module that defines CLI formatting for RPC output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
YANG module that defines Junos OS operational commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Simple Network Management Protocol (SNMP) Management Information Base (MIB) and Traps . . . . . . . . . . . . 56
Juniper Networks Enterprise-Specific MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Standard SNMP MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Network Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Routing Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Dynamic allocation of TCAM memory to firewall filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Enhancements to support log and syslog firewall filter actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Firewall filters - family ccc/any . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Firewall filters - family inet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Firewall filters on loopback interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Standard Firewall Filter Match Conditions for MPLS Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Hierarchical policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Hierarchical policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Services Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
System Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
System Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Configuration Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
JSON format for configuration data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Dual-root partitioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Dual-root partitioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Juniper Extension Toolkit for Junos (JET for Junos) provides a modern programmatic interface for developers
of third-party applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Juniper Extension Toolkit for Junos (JET for Junos) provides a modern programmatic interface for developers
of third-party applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Memory utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Memory utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
System snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
System snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
E-LINE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
E-LINE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Layer 2 Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Control word . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Layer 2 Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Application Security
Local authentication
Support for password change policy enhancement
The Junos password change policy for local user accounts is enhanced to comply with additional password policies. As
part of the policy improvement, you can configure the following:
minimum-character-changes: The number of characters by which the new password should be different from the existing
password.
minimum-reuse: The number of older passwords which should not match the new password.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
TACACS+
TACACS+
TACACS+ provides access control for nodes using a centralized server or servers.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Chassis
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
User-defined alarms
On an ACX Series router, the alarm contact port (labeled ALARM) provides four user-defined input ports and two
user-defined output ports. Whenever a system condition occurs—such as a rise in temperature, and depending on the
configuration, the input or output port is activated.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
Chassis management
Chassis management
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D20
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Precision Time Protocol (PTP) over integrated routing and bridging (IRB) interfaces
Precision Time Protocol (PTP) over integrated routing and bridging (IRB) is supported. In prior releases, PTP was supported
over physical Ethernet interfaces only.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
RFC 2544-based benchmarking tests for Layer 2 and Layer 3 Ethernet services
Ethernet loopback support for RFC 2544-based benchmarking test
Junos OS supports configuring Ethernet loopback for performing the RFC 2544-based benchmarking test. Ethernet
loopback can be used for verifying the connectivity and identifying or isolating faults in a network. This feature can be
used for performance measurements where packets are looped back to measuring device. Ethernet loopback is supported
in the egress user-to-network interface (UNI) direction for a bridge family configuration.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D20
RFC 2544-based benchmarking tests for Layer 2 and Layer 3 Ethernet services
Junos OS supports RFC 2544 benchmarking tests to measure performance characteristics and efficiency of the routers,
such as throughput, bursty frames, frame loss, and latency.
• You can configure RFC 2544 tests on the following underlying services:
• Between two IPv4 endpoints.
• Between two user-to-network interfaces (UNIs) of Ethernet Virtual Connection (EVC), Ethernet Private Line (EPL, also
called E-LINE), Ethernet Virtual Private Line (EVPL), EVC (EPL, EVPL).
RFC 2544 tests are supported only in the egress direction or the user-to-network interface (UNI) direction of Ethernet
line or LAN service parameters in a bridge domain between two routers for unicast traffic.
You can run RFC 2544 benchmarking inet tests on Layer 3 VPN or virtual router.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Combined operation of Synchronous Ethernet and Precision Time Protocol or hybrid mode
The combined operation of Synchronous Ethernet and Precision Time Protocol (PTP) is also known as hybrid mode. In
hybrid mode, the synchronous Ethernet equipment clock (EEC) on the router derives the frequency from Synchronous
Ethernet and the phase and time of day from PTP. Time synchronization includes both phase synchronization and frequency
synchronization.
Synchronous Ethernet supports hop-by-hop frequency transfer, where all interfaces on the trail must support Synchronous
Ethernet. PTP (also known as IEEE 1588v2) synchronizes clocks between nodes in a network, thereby enabling the
distribution of an accurate clock over a packet-switched network.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Classification
Behavior aggregate (BA) Classifiers: 802.1p
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D15
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Fixed classification
One can configure fixed classification on a logical interface by specifying a forwarding class to be applied to all packets
received by the logical interface, regardless of the packet contents.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
CoS on Interfaces
CoS for PPP and MLPPP Interfaces
CoS functionalities are supported on PPP and MLPPP interfaces. Up to four forwarding classes and four queues are
supported per logical interface for PPP and MLPPP packets.
The following restrictions apply when you configure CoS on PPP and MLPPP interfaces on ACX Series routers:
• For interfaces with PPP encapsulation, you can configure interfaces to support only the IPv4, Internet Protocol Control
Protocol (IPCP), PPP Challenge Handshake Authentication Protocol (CHAP), and Password Authentication Protocol (PAP)
applications.
• Drop timeout is not supported.
• Loss of traffic occurs during a change of scheduling configuration; you cannot modify scheduling attributes instantaneously.
• Buffer size is calculated in terms of number of packets, with 256 bytes considered as the average packet size.
• Only two loss priority levels, namely low and high, are supported.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Congestion Management
Weighted random early detection (WRED) tail-drop profiles
Weighted random early detection (WRED) for CoS is a congestion-management feature that drops overflow packets
when queue buffers become full or begin to overflow.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Forwarding classes
Up to 8 forwarding classes with one-to-one mapping to output queues
Allows you map up to eight forwarding classes with eight CoS queues.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Policing/Rate limiting
Per-queue committed information rate (CIR) and peak information rate (PIR)
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Policing/Rate limiting
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Rewrite Rules
802.1p Rewrite
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D15
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
EXP rewriting
One can now configure rewrite rules on the egress provider-edge (PE) switch to alter the CoS settings of the packets.
Rewrite rules set the value of the CoS bits within the packet’s header. Each rewrite rule reads the current forwarding
class and loss priority information associated with the packet, locates the chosen CoS value from a table, and writes this
CoS value into the packet header.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Scheduling
Configuring the shared buffer size
Junos OS enables you to control the amount of shared packet buffer a given queue can consume. Using this feature, you
can ensure that important queues have a higher chance of using the shared buffers than by not so important queues. To
achieve this, you can configure lower values for shared-buffer maximum CLI statement for the not so important queues,
and higher values for the shared-buffer maximum CLI statement for the important queues.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Shaping
Port shaping
Port shaping and queue shaping can be used to manage excess traffic and to avoid congestion. Port shaping defines the
maximum bandwidth allocated to a port.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Priority queuing
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Host protection
Host protection
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Q-in-Q
Q-in-Q
Q-in-Q tunneling allows service providers on Ethernet access networks to extend a Layer 2 Ethernet connection between
two customer sites. Using Q-in-Q tunneling, providers can also segregate or bundle customer traffic into fewer VLANs
or different VLANs by adding another layer of 802.1Q tags. Q-in-Q tunneling is useful when customers have overlapping
VLAN IDs, because the customer’s 802.1Q (dot1Q) VLAN tags are prepended by the service VLAN (S-VLAN) tag.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Forwarding Options
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Exception handling
Exception handling
All basic exception handling features are supported, including but not limited to option packets, TTL expiry, MTU exceeded
condition, redirect condition, and so on. In addition, Internet Control Message Protocol (ICMP) is supported to respond
to various exception conditions.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
IP fragmentation
IP fragmentation
Fragmentation is in software and the number of packets fragmented is rate limited.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Port Mirroring
Local port mirroring
You can use port mirroring to facilitate analyzing traffic on an EX Series switch on a packet level. You can use port mirroring
as part of monitoring switch traffic for such purposes as enforcing policies concerning network usage and file sharing,
and identifying sources of problems on your network by locating abnormal or heavy bandwidth usage from particular
stations or applications.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Storm Control
Storm Control
Storm control is now supported on ACX Series routers. Storm control is only applicable at the IFD level for ACX Series.
When a traffic storm is seen on the interface configured for storm control, the default action is to drop the packets
exceeding the configured bandwidth. No event is generated as part of this. Storm control is not enabled on the interface
by default.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
High Availability
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
IPv6
IPv6 specific
Dual Stacking
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D15
IPv6 forwarding
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
IPv6 over generic routing encapsulation (GRE) tunnels using IPv4 transport—de-encapsulation support
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
IPv6 over generic routing encapsulation (GRE) tunnels using IPv4 transport—encapsulation support
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Interfaces
ATM Interface
ATM OAM F4 and F5 cells
ACX Series routers provide Asynchronous Transfer Mode (ATM) support for the following Operations, Administration,
and Maintenance (OAM) fault management cell types
• F4 alarm indication signal (AIS) (end-to-end)
• F4 remote defect indication (RDI) (end-to-end)
• F4 loopback (end-to-end)
• F5 AIS
• F5 RDI
• F5 loopback
ATM OAM is supported on ACX1000, ACX2000, and ACX2100 routers, and on 16-port Channelized E1/T1 Circuit
Emulation MICs on ACX4000 routers.
Junos OS supports the following methods of processing OAM cells that traverse through pseudowires with circuit
cross-connect (CCC) encapsulation:
• Virtual path (VP) pseudowires (CCC encapsulation)
• Port pseudowires (CCC encapsulation)
• Virtual circuit (VC) pseudowires (CCC encapsulation)
For ATM pseudowires, the F4 flow cell is used to manage the VP level. On ACX Series routers with ATM pseudowires
(CCC encapsulation), you can configure OAM F4 cell flows to identify and report virtual path connection (VPC) defects
and failures. Junos OS supports three types of OAM F4 cells in end-to-end F4 flows:
• Virtual path AIS
• Virtual path RDI
• Virtual path loopback
For OAM F4 and F5 cells, IP termination is not supported. Also, Junos OS does not support segment F4 flows, VPC
continuity check, or VP performance management functions.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ATM support for N to 1 PW Promiscuous mode: 1 PW per port and 1 PW per VPI
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
BERT algorithms
BERT algorithms
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
E1/T1
T1 and E1 interfaces time-division multiplexing (TDM)
The ACX1000 has 8 built-in TDM ports. The ACX2000 has 16 built-in TDM ports. T1/E1 mode selection is at the PIC
level. To set the T1/E1 mode, include the framing statement with the t1 or e1 option at the [chassis fpc 0 pic slot-number]
hierarchy level. All ports can be T1 or E1. Mixing T1s and E1s is not supported.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
T1/E1 channelization
Full channelization is supported. Partitioning is not supported. To configure full channelization, include the no-partition
statement at the [edit interfaces ct1-fpc/pic/port] hierarchy level or at the [edit interfaces ce1-fpc/pic/port] hierarchy
level, depending on the interface type.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Encapsulation
Inverse Multiplexing for ATM (IMA) Layer 2 encapsulation
Layer 2 encapsulation for IMA pseudowire initiation and termination on the ACX Series routers is supported. To configure
encapsulation at the logical interface level, include the encapsulation statement with the atm-ccc-cell-relay or
atm-ccc-vc-mux option at the [edit interface interface-name unit logical-unit-number] hierarchy level.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
MLPPP encapsulation
You configure multilink bundles as logical units or channels on the link services interface lsq-0/0/0. With MLPPP, multilink
bundles are configured as logical units on lsq-0/0/0—for example, lsq-0/0/0.0 and lsq-0/0/0.1. After creating multilink
bundles, you add constituent links to the bundle.
With multilink PPP bundles, you can use PPP Challenge Handshake Authentication Protocol (CHAP) and Password
Authentication Protocol (PAP) for secure transmission over the PPP interfaces.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
RFC4717 ATM Encapsulation: S6.1 ATM N to one cell mode (required as per standard)
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Ethernet OAM
OAM with Layer 2 bridging as a transport mechanism
The following OAM features that use Layer 2 bridging as a transport mechanism are supported: • IEEE 802.3ah LFM—IEEE
802.3ah link fault management (LFM) operates at the physical interface level and the packets are sent using Layer 2
bridging as a transport mechanism.
• Dying-gasp packets—Dying-gasp PDU generation operates at the physical interface level. Dying-gasp packets are sent
through the IEEE 802.3ah LFM-enabled interfaces.
• IEEE 802.1ag and ITU-T Y.1731 protocols on down MEPs—IEEE 802.1ag configuration fault management (CFM) and
ITU-T Y.1731 performance-monitoring OAM protocols, which are used for end-to-end Ethernet services, are supported
only on down maintenance association end points (MEPs). The ITU-T Y.1731 protocol supports delay measurement on
down MEPs but does not support loss measurement on down MEPs.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Ethernet connectivity fault management (CFM) - Connection protection for Ethernet pseudowires
Fault monitoring using the continuity check protocol. This is a neighbor discovery and health check protocol that discovers
and maintains adjacencies at the VLAN or link level.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Ethernet connectivity fault management (CFM) - Path protection for Ethernet pseudowires
Path discovery and fault verification using the linktrace protocol. Similar to IP traceroute, this protocol maps the path
taken to a destination MAC address through one or more bridged networks between the source and destination.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Keepalives
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Local loopback
Local loopback
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Logical tunnels
Logical tunnels
Logical tunnel (lt-) interfaces provide quite different services depending on the host router. On ACX Series routers, logical
tunnel interfaces enable you to connect a bridge domain and a pseudowire.
To create tunnel interfaces, an FPC and the corresponding Packet Forwarding Engine on an ACX Series router must be
configured to be used for tunneling services at the [edit chassis] hierarchy level. The amount of bandwidth reserved for
tunnel services must also be configured.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Loopback interface
Loopback interface
The loopback (local | remote) configuration statement is used to specify whether local or remote loopback is enabled. This
allows you to test the transceiver cable connection from the far end to the retimer interface without changing the cable.
The loopback (local | remote) configuration statement is configured at the [edit interfaces interface-name gigether-options]
hierarchy level.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Other Features
AAL5 SDU [n-to-1 cell relay]
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
VC output shaping
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Multicast
IGMP Snooping
IGMP Snooping
Enables to configure general multicast snooping parameters and specific IGMP snooping parameters to allow Layer 2
interfaces to "snoop" Layer 3 protocols for multicast-related information.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Node-link protection
Node-link protection establishes a bypass LSP through a different router altogether.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Pseudowire redundancy
Layer 2 pseudowire redundancy
A redundant pseudowire acts as a backup connection between PE routers and CE devices, maintaining Layer 2 circuits
and services after certain types of failures. Pseudowire redundancy improves the reliability of certain types of networks
(metro, for example) where a single point of failure could interrupt service for multiple customers.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Pseudowire standby
A standby pseudowire can act as a backup connection between PE routers and CE devices, maintaining Layer 2 circuit
and VPLS services after certain types of failures. To configure pseudowire standby, include the backup-neighbor statement
at the [edit protocols l2circuit neighbor address interface interface-name] hierarchy level.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Static LSPs
Static LSPs
For static label-switched paths (LSPs), one must manually assign labels on all the switches that are part of the LSP (ingress,
transit, and egress). No signaling protocol is needed. Configuring static LSPs is similar to configuring static routes on
individual switches. As with static routes, there is no error reporting, liveliness detection, or statistics reporting.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Traffic engineering
Diffserv traffic engineering
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Traffic engineering
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Interface statistics
Drop packet statistics
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Interface Passive-monitor-mode
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
NETCONF
Adding non-native YANG modules to the Junos OS schema
You can load standard (IETF,OpenConfig) or custom YANG models on devices running Junos OS to add data models that
are not natively supported by Junos OS but can be supported by translation. Doing this enables you to augment the
configuration hierarchies with data models that are customized for your operations. The ability to add data models to a
device is also
beneficial when you want to create device- and vendor-agnostic configuration models that enable the same configuration
to be used on different devices from one or more vendors. You can load YANG modules that add configuration hierarchies
by using the request system yang add operational command.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Configuring the ephemeral database using the NETCONF and Junos OS XML protocols
NETCONF and Junos XML protocol client applications can configure the ephemeral configuration database, which is an
alternate configuration database that enables multiple clients to simultaneously load and commit configuration changes
on a device running Junos OS and with significantly greater throughput than when committing data to the candidate
configuration database. Junos OS provides a default instance and up to eight user-defined instances of the ephemeral
configuration database. The device’s active configuration is a merged view of the committed configuration database and
the configuration data in all instances of the ephemeral configuration database. Ephemeral configuration data is volatile
and is deleted upon rebooting the device.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D25
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D25
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Simple Network Management Protocol (SNMP) Management Information Base (MIB) and Traps
Juniper Networks Enterprise-Specific MIBs
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Traceroute
Traceroute
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Network Security
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D20
Routing Options
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Static routes
Static routes
Static routes are routes that are manually configured and entered into the routing table.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Firewall Filters
Dynamic allocation of TCAM memory to firewall filters
The dynamic allocation of the shared space ternary content addressable memory (TCAM) allows TCAM to be used
dynamically to support firewall filters.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D20
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Firewall Filters
Firewall filters provide rules that define whether to permit, deny, or forward packets that are transiting an interface on
an EX Series switch from a source address to a destination address. Policing, or rate limiting, is an important component
of firewall filters that lets you control the amount of traffic that enters an interface.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Hierarchical policer
Hierarchical policer
This feature is useful in provider edge applications that use aggregate policing for general traffic and when applying a
separate policer for premium traffic on a logical or physical interface.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Routing Protocols
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Services Applications
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
DHCP Server
You can configure a J-series router or interface to act as a Dynamic Host Configuration Protocol (DHCP) server. A DHCP
server can allocate network IP addresses and deliver configuration settings to clients on a Transmission Control Protocol
(TCP)/IP network.
The DHCP server, client and relay features are not supported for SRX and J-series devices, when participating in a chassis
cluster.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D15
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X52-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
ACX1000 Junos OS
12.3X54-D10
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X51-D10
System Basics
System Management
Configuration Management
JSON format for configuration data
You can configure devices running Junos OS using configuration data in JavaScript Object Notation (JSON) format in
addition to the existing text, Junos XML, and Junos OS set command formats. You can load configuration data in JSON
format in the Junos OS CLI by using the load (merge | override | update) json command or from within a NETCONF or
Junos XML protocol session by using the <load-configuration format="json"> operation. You can load JSON configuration
data either from an existing file or as a data stream. Configuration data that is provided as a data stream must be enclosed
in a <configuration-json> element.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Dual-root partitioning
Dual-root partitioning
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Juniper Extension Toolkit for Junos (JET for Junos) provides a modern programmatic interface
for developers of third-party applications
Juniper Extension Toolkit for Junos (JET for Junos) provides a modern programmatic interface for
developers of third-party applications
JET for Junos, an evolution of the Junos SDK, allows customers and partners to build and run applications either directly
on Junos OS devices or off-box. These applications can interact with Junos OS native features. A framework is provided
in the Python language for Python JET for Junos application developers. This framework allows your applications to run
directly on Junos OS devices. JET for Junos is based on Apache Thrift; thus, it also supports multiple languages running
off-box to interact with the same JET for Junos APIs. This gives developers true flexibility to adapt Junos OS devices to
business processes.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Memory utilization
Memory utilization
The show chassis routing-engine and the show chassis feb commands can be used to find the memory allocated for each
of the Routing Engine and Packet Forwarding Engine components.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
System snapshot
System snapshot
The request system snapshot command allows you to create a copy of the currently running software on another media—for
example, a universal serial bus (USB) storage device. The system snapshot feature takes a “snapshot” of the files currently
used to run the device—the complete contents of the /config and /var directories, which include the running Juniper
Networks Junos operating system (Junos OS), the active configuration, and the rescue configuration—and copies all of
these files into an alternate memory source. Typically, this command is used prior to the upgrade of the software image
on the dual internal NAND flash device (with the da0s1 or da0s2 slices) or to remedy a bad image, thereby preventing
the bad image from rendering the system useless. A snapshot to another media ensures that the device can boot from
the other media in case the system does not boot up from the current image.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
E-LINE
E-LINE
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Layer 2 Circuits
Control word
The control word is 4 bytes long and is inserted between the Layer 2 protocol data unit (PDU) being transported and the
virtual connection label. To configure the control word, include the (control-word | no-control-word) statement at the
[edit protocols l2circuit neighbor address interface interface-name] hierarchy level.
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Layer 2 Circuits
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
Supported Platforms
Platform Introduced Release Hardware Components License Requirements Caveats
ACX1000 Junos OS
12.3X54-D10
The information in this document is provided "AS IS", with no warranties of any kind attached to the information. Any reliance
upon the information shall be at the user's own risk. Juniper assumes no liability for the information contained in this document.