CSE 13.3R1 Release Notes - Juniper Networks

CSE Series Release Notes Release 13.3R1 January 2014 Revision 1

These release notes accompany CSE Series Release 13.3R1 of the Carrier-Grade Service Engine CSE2000. They describe the features and the documentation of the CSE2000 and known problems. Juniper Networks Carrier-Grade Service Engine (CSE) is a solution that allows PTX routers to provide high-performance flow monitoring and accounting services. The CSE2000 device is tethered to Juniper Networks PTX5000 Packet Transport Routers and provides support for active flow monitoring version 9. CSE2000 allows scaling of control plane and service plane, without adding components to the existing PTX routers. CSE2000 can be connected to a third-party flow server for flow monitoring. Packets matching the policy criteria for the ingress or egress interfaces on the PTX5000 router are sent to the CSE2000 device for flow monitoring. CSE2000 exports flow records in active flow monitoring version 9 format to the third-party flow server.

Contents

New Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 General Feature Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Platforms Applications Can Run On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Version Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Known Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Known Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 CSE Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Self-Help Online Tools and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Opening a Case with JTAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Copyright © 2014, Juniper Networks, Inc.

1

CSE Series 13.3R1 Release Notes

New Features Active flow monitoring version 9—The CSE2000 device is tethered to Juniper Networks PTX5000 Packet Transport Routers and provides support for active flow monitoring version 9. CSE2000 allows scaling of control plane and service plane, without adding components to the existing PTX5000 routers. Using the CSE2000 tethered to a PTX5000, you can perform the following operations: •

Traffic sampling—You can create a copy of traffic and send it to the CSE2000, which performs flow accounting while the PTX5000 router forwards the packet to its original destination.

•

Active flow monitoring—Active monitoring implies that flow monitoring is carried out on the same router (the CSE2000 is treated as a part of the router) that also forwards the packets being monitored.

•

Flow aggregation—You can collect an aggregate of sampled flows and send the aggregate to a specified host that runs the version 9 format defined in RFC 3954, Cisco Systems NetFlow Services Export Version 9. With the version 9 format, you can sample MPLS, IPv4, and IPv6 traffic. [See Flow Monitoring Using CSE2000 Overview]

General Feature Descriptions •

CSE2000 software package—This software contains the bootloader, kernel, and applications. This software is installed on the CSE2000 device tethered to the PTX5000 router. For more information about the installation procedure, see the CSE2000 Hardware Installation Guide. [See Upgrading the CSE2000 Software Package]

•

Configuration and management operations—All configurations and management operations are performed on the PTX5000 router by using Junos configuration statements and commands. There is no direct administrator access to the CSE2000. [See Administration Guide for CSE2000]

Platforms Applications Can Run On To run active flow monitoring version 9, you need a PTX5000 router with a CSE2000 device tethered to the router. You must install CSE2000 software package on the CSE2000 device. [ See CSE2000 Hardware Installation Guide]

Version Compatibility In Junos OS Release 13.3, CSE2000 feature (active flow monitoring version 9) works only if the Junos OS release installed on the PTX5000 router matches the software release

2


Known Behavior

of the CSE2000. For example, CSE Series Release 13.3R1 is compatible only with Junos OS Release 13.3R1 running on the PTX5000 routers.

Known Behavior •

Timing out of flows on CSE2000 after GRES with continuous traffic—During Graceful Routing Engine switchover (GRES), metadata is re-synchronized from Routing Engine (on the PTX5000 router) to the CSE2000. During this period of re-synchronization, sampled packets received on the CSE2000 are dropped. Depending on the re-synchronization time and the flow timeout configuration, some flows might time out during this period. This behavior is similar to the MS-PIC behavior and is a known behavior. PR912399

•

Fragmented packet handling in PTX5000 and CSE2000— When fragmented packets are received on a PTX5000 router (where sampling is enabled) and sent to the CSE2000, the CSE2000 counts only the first fragment (that consists of the first part of the original IP packet) and does not count the trailing fragments. The trailing fragments are dropped and are not accounted for in the flow records. PR916853

•

MPLS output interface is zero in the records when route points to unilist->composite->unicast next hop—There is no support for handling unilists of composite next hops on the CSE2000 service cards. This behavior is similar to the service-PIC. PR889478

•

CSE2000 does not support egress sampling of MPLS packets with explicit NULL label—An egress sampled IPv4 or IPv6 packet with explicit NULL label does not carry correct incoming interface values, as a result of which flow records are not created properly by CSE2000. To avoid improper flow records creation, the egress sampling of MPLS packets with explicit NULL label is currently not supported on CSE2000.

Known Issues

PR875681 •

No CLI support to bring back a CSE2000 service card online—If an online CSE2000 service card (tethered to a PTX5000 router) is taken offline by using the request chassis service-node slot slot-number offline command, then you cannot directly bring back the CSE2000 service card online by using the request chassis service-node slot slot-number online command. As a workaround, you must manually power on the CSE2000 service card to bring it online. PR886280

CSE Documentation and Release Notes The CSE documentation is available online and downloadable. The technical publications home page includes the CSE documentation link. The URL for technical publications home page: http://www.juniper.net/techpubs


3


Table 1: CSE Documentation Documentation Piece

Description

CSE2000 Hardware Installation Guide

This documentation, available in PDF and HTML, includes: •

Device features and specifications

•

Site preparation and compliance

•

Installation and maintenance

•

Safety and troubleshooting information

CSE2000 Quick Start guide

This guide is intended for experienced installers who want to expedite the installation process of CSE2000. It describes the high-level steps of installing and configuring CSE2000

Flow Monitoring Feature Guide for CSE2000

This documentation, available in PDF and HTML, includes:

Administration Guide for CSE2000

•

Overview and configuration topics on configuring active flow monitoring version 9 using CSE2000.

•

Configuration examples for configuring active flow monitoring version 9 using CSE2000.

•

Summaries of configuration statements used to configure active flow monitoring version 9 using CSE2000.

•

Summaries of operational commands used to monitor the active flow monitoring version 9 using CSE2000.

This documentation, available in PDF and HTML, includes: •

Overview of CSE2000.

•

Summaries of operational commands used to monitor the CSE2000 device.

If the information in the latest release notes differs from the information in the documentation, follow the CSE Release Notes.

Requesting Technical Support Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need postsales technical support, you can access our tools and resources online or open a case with JTAC.

4

•

JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User Guide located at http://www.juniper.net/customers/support/downloads/710059.pdf .

•

Product warranties—For product warranty information, visit http://www.juniper.net/support/warranty/.

•

JTAC Hours of Operation —The JTAC centers have resources available 24 hours a day, 7 days a week, 365 days a year.


Requesting Technical Support

Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: •

Find CSC offerings: http://www.juniper.net/customers/support/

•

Search for known bugs: http://www2.juniper.net/kb/

•

Find product documentation: http://www.juniper.net/techpubs/

•

Find solutions and answer questions using our Knowledge Base: http://kb.juniper.net/

•

Download the latest versions of software and review release notes: http://www.juniper.net/customers/csc/software/

•

Search technical bulletins for relevant hardware and software notifications: http://kb.juniper.net/InfoCenter/

•

Join and participate in the Juniper Networks Community Forum: http://www.juniper.net/company/communities/

•

Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/

To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool located at https://tools.juniper.net/SerialNumberEntitlementSearch/.

Opening a Case with JTAC You can open a case with JTAC on the Web or by telephone. •

Use the Case Management tool in the CSC at http://www.juniper.net/cm/ .

•

Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).

For international or direct-dial options in countries without toll-free numbers, visit us at http://www.juniper.net/support/requesting-support.html . If you are reporting a hardware or software problem, issue the following command from the CLI before contacting support: user@host> request support information | save filename

To provide a core file to Juniper Networks for analysis, compress the file with the gzip utility, rename the file to include your company name, and copy it to ftp.juniper.net:pub/incoming. Then send the filename, along with software version information (the output of the show version command) and the configuration, to [email protected]. For documentation issues, fill out the bug report form located at https://www.juniper.net/cgi-bin/docbugreport/.

Revision History 15 January 2014—Revision 1, CSE Series Release 13.3R1 Copyright © 2014, Juniper Networks, Inc. All rights reserved.


5


Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

6
