[j-nsp] JUNOS 10.1 on EX

[Richard A Steenbergen]

On Wed, May 12, 2010 at 08:43:52AM +1000, Ben Dale wrote:
> 
> If you're running any 4200s with virtual chassis, give 10.1 a miss for
> the moment and wait for 10.2.  There is a nasty bug whereby the backup
> VC seems to be logging everything at debug level and the
> pfed_event_trace.log keeps growing until you can't event commit
> configs any more. 
> 
> Gory details and hacky work-around at: http://kb.juniper.net/KB16810 

That is fixed in 10.1S1 and above, not sure about virtual chassis but on 
EX8200 you can easily fix it with no impact by upgrading the JUNOS on 
the backup RE (since it's not like graceful anything actually works yet 
:P). You wouldn't want to wait for 10.2 for something like this anyways. 
everything before the letter indicates development in features (and 
bugs), e.g. 10.2 will be 4 months worth of "new and exciting stuff", 
whereas everything after the letter indicates only bug fixes to the 
previous branch. 10.1R2 and every release going forward will have that 
fix, 10.2 will have all new bugs. Of course in reality they break new 
stuff by trying to add features on the back end between bug fix releases 
all the time, but lets not discuss that. :)

But speaking of bugs, we did just discover an awesome bug in 10.1S1 and
10.1R2 on EX8200 where a firewall filter which references a prefix-list
was incorrectly matching things outside the prefixes on the list. Not
sure on the exact cause or potential workarounds yet, but it seems to be
pretty easy for us to replicate. Given this and the other issues
w/updating prefix-lists referenced in a firewall filter causing crashes,
you might want to lay off that feature for a bit. :)

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)