07-11-2011 01:20 PM
To all the admins of Juniper devices (and Juniper techs as well)...
What do you all use as an upgrade schedule? . My idea was to always upgrade to what the "Recommended Releases for EX-Series, J-Series and SRX-Series" table states (found here) That way if I call support, I can point to the fact that I am running the recommended release.
I am currently at 10.4R3.4 (released 3/21/11 and was the recommended release in April)
For the SRX 240, they are currently recommending 10.4R4.5 (released 5/9/11)
The line at the top states “JTAC recommends that customers use the latest maintenance release (revision) of the following JUNOS Software versions on their Juniper device. These versions are considered to be the most mature and stable.”
Does that line are suggest that we install 10.4R5.5? Since that would be the latest maintenance release of 10.4 – released on 6/16/2011 – 1 day after the matrix was updated, instead of the 10.4R4.5 listed on the matrix?
I have 2 clusters to update and I don’t want to go through the whole update testing, if the recommended version is about to jump to 11.1R3 or 11.1R4(not released yet)
Just curious what other admins are doing for their updates since Juniper forks the heck out of their software releases…
07-11-2011 10:03 PM
The JTAC recommended releases are just that - recommendations based on the best field experience availalble at the time of posting. In an ideal world (and we hope to get there soon), these would all be R1 releases and we wouldn't need the list.
Meanwhile, it's a guide to assist in planning for an upgrade which is required for platform, feature or other reasons. In other words, you don't need to stay current on the latest updates to that page, and it's really intended to advise customers running older releases where the best upgrade experience is likely to be had.
So decide what features you need, work with your SE or reseller to determine which release supports them, and then locate the closest release on the recommendations page is a best-practice recommentation. One additional factor to consider is the lifespan of the release. Every 4th quarter release (such as 10.4) is an EEOL or Extended End Of Life release which has a much longer support window. Customers wanting a longer-term release plan should consider qualifying EEOL releases.
[We update the code frequently, and have 3-4 trains running simultaneously (each of which is updated)- is that what you mean by fork?]
Hope this helps.
07-12-2011 07:03 AM
Thanks. In my line of business, we must maintain and follow certain compliance standards. One policy that exists in many different compliance requirements is that systems be running the latest patches, revs, updates, etc... For most systems, this is straight forward.... until you get to the Juniper devices. So I am just seeing how other people keep up to date when using Juniper devices. I learned early on not to install the R1 releases because random things would stop working.
Now I watch the forums and let other people install them and see what kind of outcry there is before moving ahead. That or I wait till it gets to an R3 or R4 and assume the kinks are worked out.
For the Fork, that's what I was refering to. Similar to http://en.wikipedia.org/wiki/Fork_(software_development)
07-12-2011 10:30 AM
Actually the same tends to go for Cisco appliances.. X.X.1 releases tend to have many X.X.1.X intermium bug service releases, the difference is they don't publish them, you have to hit the bug before they tell you about them. Also on both Cisco and Juniper software the major releases tend to be maintained and supported for some time with several service releases comming out..
Always read the release notes, and in the case of Juniper keep an eye on recommended released. Cisco doesn't even provide a recomendation.
07-12-2011 12:03 PM
Ahhh...I hope you have some leeway on how to interpret those compliance requirements or you will have few free weekends!
We have maintenance releases coming out on each active branch (which is perhaps more descriptive than fork) at a pretty rapid clip. With 10.4 (and on) in particular we adopted a new policy that has much more rapid maintenance releases than we've done in the past.
Hopefully you can limit those upgrades to just required security vulnerabilities (which are thankfully rare - see http://www.juniper.net/alerts/browsealerts.jsp?audience=2001&category=3281#results for the up-to-date list - or subscribe here: http://www.juniper.net/alerts/subscribe.jsp?actionBtn=Modify ) and/or planned upgrades to implement new features.