vSRX
Highlighted
vSRX

vSRX new architecture - 3.0

‎06-06-2019 05:02 PM

I've been using vSRXs for some time and have always stuck with the recommended version, which is currently 15.1X49-D180 on the Juniper website. I've known for a while there are quite a few newer major releases available - 17.x, 18.x, even 19.x. I've also just learned that there is an entirely new architecture, SRX 3.0, cutting out the QEMU/KVM abstraction that has historically caused us a bit of nested virtualization drama; https://www.juniper.net/documentation/en_US/vsrx/information-products/topic-collections/release-note...

I've spun up a vSRX 3.0 VM and it's boot time is notably quicker. I've also observed that the VM NIC MAC addresses are actually visible to the guest rather than abstracted now, which is nice.

Can anyone tell me why 15.1X49 is still the recommended version? Does anyone have experience with 3.0 or 19.1, and would recommend for or against using them?

4 REPLIES 4
Highlighted
vSRX

Re: vSRX new architecture - 3.0

‎06-07-2019 03:47 AM
Hi, While there is a feature parity with respect to security features some of the platform specific features are not yet available in vSRX3.0. I would say this could be the reason it is not yet recommended. This KB is useful to understand: https://kb.juniper.net/InfoCenter/index?page=content&id=KB33572 We have a few customers where vSRX3.0 has been tested extensively without any major issues reported. Regards, Vikas
Highlighted
vSRX

Re: vSRX new architecture - 3.0

‎06-07-2019 03:51 AM
Hi,

While there is a feature parity with respect to security features some of the platform specific features are not yet available in vSRX3.0.

I would say this could be the reason it is not yet recommended.

This KB is useful to understand: https://kb.juniper.net/InfoCenter/index?page=content&id=KB33572

We have a few customers where vSRX3.0 has been tested extensively without any major issues reported.

Regards,

Vikas


Juniper Internal
Highlighted
vSRX

Re: vSRX new architecture - 3.0

[ Edited ]
‎06-08-2019 02:40 AM

The "recommended" release process is run by the JTAC organization. The process is not public, but what I have heard is this takes a wholistic approach that includes factors like:

 

minimum deploy base actually in use by customers (this insures a valid base of data for the analysis)

 

experience of types, levels and severity of TAC tickets by the version once the higher version is running on enough customers with statistically normal levels of tickets it becomes recommended

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
vSRX

Re: vSRX new architecture - 3.0

‎06-22-2019 08:50 AM

if you have used Junos for some time I'm sure you already know that should never, ever, never, never run the "latest release" - in contrast to others like Windows and Mac the lastest releases of Junos should actally be called beta releases based on the number of bugs they generally will have.