In a previous blog we have discussed the topic of how Juniper has changed their practice and offers more products of their portfolio with separated software and hardware.
Even though this hasn’t been applied completely to their switching series, namely EX and first generation QFX switches, there are quite a few licenses options a customer can purchase in time, implementing Juniper famous “pay-as-you-grow” solutions for expanding and developing their networks.
Let’s begin with EX series
Juniper’s EX portfolio can offer variety of solutions including access switches that deliver fixed 1GbE and multigigabit configurations to the enterprise network, 10GbE aggregation switches for high-density enterprise campus deployments and flexible modular core switches for mission-critical deployments. Most of the EX switches are offering full set of L2 and L3 capabilities as part of the base software but to enable some extra features one must install separate licenses.
To summarize there are 3 types of licenses that can be ordered with the EX switches:
Enhanced feature license (EFL)
| Type of features | EX Series | Licenses part number |
| Bidirectional Forwarding Detection (BFD) | EX2200, EX2300, EX3300, EX3400, EX4300 | For 12-port EX switches EX-12-EFL |
| Connectivity fault management (IEEE 802.1ag) | EX2200 EX4300 | For 24-port EX switches EX-24-EFL |
| IGMP (Internet Group Management Protocol) version 1 (IGMPv1), IGMPv2, and IGMPv3/ | EX2200 & EX2300 EX3300 EX3400 EX4300 | For 48-port EX switches EX-48-EFL |
| IPv6 routing protocols: Multicast Listener Discovery version 1 and 2 (MLD v1/v2), OSPFv3, PIM multicast, VRRPv3 | EX2300 EX3300 EX3400 | For EX4300 EX4300-24-EFL EX4300-32F-EFL EX4300-48-EFL |
| Multicast Source Discovery protocol (MSDP) | EX2300 EX3400 EX4300 | |
| RIPng (RIPng is for RIP IPv6) | EX2300 EX3400 EX4300 | |
| OSPFv1/v2 (with four active interfaces) | EX2200 & EX2300 EX3300 EX3400 EX4300 | |
| Protocol Independent Multicast (PIM) dense mode, PIM source-specific mode, PIM sparse mode | EX2200 & EX2300 EX3300 EX3400 EX4300 | |
| Q-in-Q tunneling (IEEE 802.1ad) | EX2200 EX3300 | |
| Unicast reverse-path forwarding (RPF) | EX3300 EX3400 | |
| Real-time performance monitoring (RPM | EX2200 EX2300 EX3300 EX3400 EX4300 | |
| Virtual Router | EX2200 EX3300 EX3400 EX4300 | |
| Virtual Router Redundancy Protocol (VRRP) | EX2200 & EX2300 EX3300 EX3400 EX4300 |
Advanced Feature Licenses (AFL)
| Type of features | EX Series | Licenses part number |
| Border Gateway Protocol (BGP) and multiprotocol BGP (MBGP) | EX3300, EX3400, EX4300, EX4600, EX3200, EX4200, EX4500, EX4550, EX8200, EX9200, EX9250, EX6200 | For 24-port switches EX-24-AFL |
| IPv6 routing protocols: IPv6 BGP and IPv6 for MBGP | EX3300, EX3200, EX4200, EX4500, EX4550, EX8200, EX9200, EX9250, EX6200 | For 48-port switches EX-48-AFL |
| Virtual routing and forwarding (VRF) BGP | EX3300 | |
| Intermediate System-to-Intermediate System (IS-IS) | EX3400, EX4300, EX4600, EX3200, EX4200, EX4500, EX4550, EX8200, EX9200, EX9250, EX6200 | EX4300-24-AFL EX4300-32F-AFL EX4300-48-AFL |
| Multiprotocol Label Switching (MPLS) | EX4600 | EX4550-AFL |
| Virtual Extensible LAN (VXLAN) | EX4600 | EX4600-AFL |
| Ethernet VPN | available only on EX9200 & EX9250 | EX6210-AFL |
| Logical systems | available only on EX9200 | EX8208-AFL EX8216-AFL |
| MPLS with RSVP-based label-switched paths (LSPs) | Starting with Junos OS Release 17.3R1, you can enable up to 200 RSVP-TE sessions in the EX9200 | EX9204-AFL EX9208-AFL EX9214-AFL |
| MPLS-based circuit cross-connects (CCCs) | available only on EX4200 and EX4550 | EX9251-AFL EX9251-ML |
| Open vSwitch Database (OVSDB) | available only on EX9200 | |
| Virtual Extensible LAN (VXLAN) | available only on EX9200 and EX9250 | EX9253-AFL EX9253-ML EX9253-SFL |
- Media Access Contol Security (MACSec) is a security technology that provides secure communication for almost all types of traffic on Ethernet links. MACSec is standardized in IEEE 802.1AE that gives point-to-point security between directly-connected nodes and is capable of identifying and preventing most security threats. A feature license is required (EX-QFX-MACSEC-ACC) to configure MACsec on EX Series and QFX series switches, with the exception of the QFX10000-6C-DWDM and QFX10000-30C-M line cards.
We continue with the QFX series, which are access and top-of-rack 10/25/40/100GbE Layer 2 and Layer 3 switches, which are a perfect solution for dynamic data center environments. We will dig into QFX5100-48S/T as these were one of our most popular switches in the past few months.
QFX5100-48 is a L3 managed switch with 48x 1GbE/10 GbE (fiber or copper) ports and 6×40 GbE QSFP+ with 1.44Tbps throughput and 1.08 Bpps data rate and up to 288 000 MAC address. These switches come with number of features like zero-touch provisioning ZTP, automatic rollback, basic Ipv6, Python scripting, layer 2 getaway services for networking automation and Plug-and-Play operations, Virtual Router, Unicast reserve-path (RPF), IGMPv1/v2/v3 but they require the advanced edge license QFX-JSL-EDGE-ADV1 to enable features like:
| Premium Features | Advanced features |
| BGP | MPLS |
| Ethernet VPN | MPLS-based CCC |
| IpV6 for BGP/MBGP | RSVP-based LSP |
| IS-IS | Segment routing |
| IS-IS for IpV6 | |
| MBGP | |
| OSVSDB | |
| VRF(BGP) | |
| VXLAN |
Another useful features implemented in the QFX series is the Virtual Chassis Fabric (VCF) technology.
The VCF allows the interconnection of multiple switches into a spine-and-leaf fabric architecture and manages all of them as a single device. Supported switches in VCF are QFX5100, QFX5110, EX4300, QFX3600 and QFX3500. The Licenses required for VCF is QFX-VCF-LIC
An important note to mention here is all of the devices in the VCF have to be updated to the same Junos OS that support VCF and if QFX5100 switches are running Junos image “qfx-5” they need to be upgraded to “qfx-5e” to be able to use the QFX-VCF-LIC.
Hopefully we were able to shine some more light on the maze of licenses. But if you are still unsure or just want to double check feel free to give us a call or send us an email. We are always happy to help out!
