SRX

Hello all,

JTAC have finally taken the (big?) step to move away from the 15.1X49 software to 18.2 for the SRX300 series. I have not had the opportunity to try anything other than the 15.1X49 versions of software, so I was wondering if someone with the the relevant knowledge and experience might be able to describe the headline differences, potential issues, top tips etc for those of us facing the jump to this new recommendation?

Many thanks in advance.

Hello,

There is a nifty tool for comparing features between releases:

https://apps.juniper.net/feature-explorer/compare-softwares.html?category=Security&typ=1#bm=cmpsw&pl=SRX300&rel1=18.2R3&rel2=15.1X49D180&sw1=Junos%20OS&sw2=Junos%20OS

Personally, I went ahead and installed the JTAC recommendation 2 days ago on my home SRX300 for testing before using this for customer devices and came across a few problems. (from 15.1X49-D170.4 to 18.2R3-S1.7)

For instance;

set interface ge-0/0/0 unit 0 family inet dhcp-client

is not a valid command anymore, this is changed to:

set interface ge-0/0/0 unit 0 family inet dhcp

Also, updating remotely and using the root user, i was locked out becuase i was missing the following:

set system services ssh root-login allow

These are relatively minor issues, but it would have been nice to know these in advance and i'm not sure what the best way is to get up to speed to these type of changes between 15.1X49 and 18.2R3

Also with the JTAC recommended 18.2R3-S1.7 and a zeroized config (after the update), DHCP-server doesn't seem to be working, which i'm still troubleshooting.

Because of these issues (having to use a console cable to allow ssh root access and my DHCP breaking) i'm holding off on rolling this out on customer firewalls, who knows what more issues there will be in more complex configurations.

Kind regards,

Jeroen R.

Hello JeroenR, thank you for your input, it is appreciated 🙂 More contributions would be very welcome too.

The best overview before doing a Junos upgrade are the release notes for the version you are about to install.

These have sections that outine all the changes

• New feature list
• changes in behavior list
• bugs that are fixed
• issues that are known outstanding in the release

Hi Steve. 

I pour over the release notes any time a new version is released, but only within the version I'm currently using i.e. 15.1X49 . Is it accurate to say then, if I read the release notes for 19.3R1 this will faithfully reflect all of the differences etc between it and my current JunOS version of 15.1X49-D170? Or do I have to go through a series of release notes to get the full picture?

I forgot to add one caveat.  Junos upgrades only support jumping 3 versions from EOL versions (last dot version from that years train).  To jump 4 versions you need to do two upgrades.

The new version release notes thus assume you are within that window and would not include information from versions older than that.  But if you are within that window than the new version release notes are all you need.

Thanks Steve, that is a key point. Can you give me an example of what you describe i.e. 3 versus 4 versions, to illustrate the point clearly for me, and perhaps others?

Three versions refers to the first number which is the last two digits of the year of the release.  So in your case a three version jump is from 15.x to 18.x, while moving to 19.x is a 4 version jump.

Got it, thank you!