SRX Services Gateway
Highlighted
SRX Services Gateway

JTAC Recommended Junos Software for SRX300/320/340/345 change

[ Edited ]
‎10-02-2019 01:02 AM

Hello all,

 

JTAC have finally taken the (big?) step to move away from the 15.1X49 software to 18.2 for the SRX300 series. I have not had the opportunity to try anything other than the 15.1X49 versions of software, so I was wondering if someone with the the relevant knowledge and experience might be able to describe the headline differences, potential issues, top tips etc for those of us facing the jump to this new recommendation?

 

Many thanks in advance.

8 REPLIES 8
SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

[ Edited ]
‎10-03-2019 03:15 AM

Hello,

 

There is a nifty tool for comparing features between releases:

 

https://apps.juniper.net/feature-explorer/compare-softwares.html?category=Security&typ=1#bm=cmpsw&pl...

 

Personally, I went ahead and installed the JTAC recommendation 2 days ago on my home SRX300 for testing before using this for customer devices and came across a few problems. (from 15.1X49-D170.4 to 18.2R3-S1.7)

 

For instance;

set interface ge-0/0/0 unit 0 family inet dhcp-client

is not a valid command anymore, this is changed to:

set interface ge-0/0/0 unit 0 family inet dhcp

 

Also, updating remotely and using the root user, i was locked out becuase i was missing the following:

set system services ssh root-login allow

 

These are relatively minor issues, but it would have been nice to know these in advance and i'm not sure what the best way is to get up to speed to these type of changes between 15.1X49 and 18.2R3

 

Also with the JTAC recommended 18.2R3-S1.7 and a zeroized config (after the update), DHCP-server doesn't seem to be working, which i'm still troubleshooting.

 

Because of these issues (having to use a console cable to allow ssh root access and my DHCP breaking) i'm holding off on rolling this out on customer firewalls, who knows what more issues there will be in more complex configurations.

 

Kind regards,

 

Jeroen R.

SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-03-2019 06:59 AM

Hello JeroenR, thank you for your input, it is appreciated Smiley Happy More contributions would be very welcome too.

SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-06-2019 03:03 PM

The best overview before doing a Junos upgrade are the release notes for the version you are about to install.

 

These have sections that outine all the changes

  • New feature list
  • changes in behavior list
  • bugs that are fixed
  • issues that are known outstanding in the release

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-06-2019 11:58 PM

Hi Steve. 

 

I pour over the release notes any time a new version is released, but only within the version I'm currently using i.e. 15.1X49 . Is it accurate to say then, if I read the release notes for 19.3R1 this will faithfully reflect all of the differences etc between it and my current JunOS version of 15.1X49-D170? Or do I have to go through a series of release notes to get the full picture?

SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-07-2019 02:55 AM

I forgot to add one caveat.  Junos upgrades only support jumping 3 versions from EOL versions (last dot version from that years train).  To jump 4 versions you need to do two upgrades.

 

The new version release notes thus assume you are within that window and would not include information from versions older than that.  But if you are within that window than the new version release notes are all you need.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-07-2019 05:46 AM

Thanks Steve, that is a key point. Can you give me an example of what you describe i.e. 3 versus 4 versions, to illustrate the point clearly for me, and perhaps others?

SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-07-2019 05:19 PM

Three versions refers to the first number which is the last two digits of the year of the release.  So in your case a three version jump is from 15.x to 18.x, while moving to 19.x is a 4 version jump.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
SRX Services Gateway

Re: JTAC Recommended Junos Software for SRX300/320/340/345 change

‎10-07-2019 10:55 PM

Got it, thank you!