Unexpected T3 Behavior During Unified Issu; Unavailability Of Tacacs+ Services During Unified Issu; Issu - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08 Configuration Manual
Software for e series broadband services routers service availability configuration guide
Table of Contents
Advertisement
Related
Documentation
Unexpected T3 Behavior During Unified ISSU
Related
Documentation
Unavailability of TACACS+ Services During Unified ISSU
Related
Documentation
Interruption in Traffic Forwarding for Layer 3 Routing Protocols During Unified ISSU
Copyright © 2010, Juniper Networks, Inc.
During a conventional software upgrade, a SONET loss-of-signal defect lasts more
than 2.5 seconds, causing the router to declare an LOS failure. Devices on the remote
end of SONET links detect the failure and bring down the link and the dynamic interface
stacks built on the link.
During a unified in-service software upgrade, the LOS does not last more than 2.5
seconds. The remote device detect a momentary LOS but does not perceive this short
LOS as a link failure and does not bring the link down,
Application Support for Unified ISSU on page 115
Local T3 (DS3) devices are reprogrammed during a unified in-service software upgrade,
generating a defect. The router completes the reprogramming within 2.5 seconds. Because
JunosE DS3 applications declare an alarm and bring down the link only if the defect
persists for more than 2.5 seconds, unified ISSU does not cause the links to be brought
down. However, the remote T3 devices must also wait 2.5 seconds before declaring an
alarm. If the equipment on the far end of the T3 connection generates an alarm
immediately rather than waiting, the link goes down, causing the higher layers to also go
down for the remote equipment.
Application Support for Unified ISSU on page 115
During the upgrade phase of unified ISSU, TACACS+ services are unavailable. If you have
configured AAA authentication for Telnet (with the aaa new-model command) this
lack of availability affects CLI authentication, authorization, and accounting activities.
CLI login and privilege authentication cannot succeed during a unified ISSU unless you
configure at least one of the alternate authentication methods with the aaa
authentication login command: enable, line, or none.
Similarly, CLI exec and command authorization cannot succeed during a unified ISSU
unless you configure one of the alternate authorization methods with the aaa
authorization command: if-authenticated or none.
Because there is no alternate method of accounting other than TACACS, CLI exec and
command accounting does not work during this phase.
Application Support for Unified ISSU on page 115
The routing protocols are affected by two interruptions in traffic forwarding caused by
the unified in-service software upgrade during the upgrade phase.
Chapter 5: Configuring a Unified In-Service Software Upgrade
135
Advertisement
Table of Contents
