1. Documentation
  3. Product Updates
  5. US-GovCloud Product Updates
  7. May 31st 2024 Updates (GovCloud)

May 31st 2024 Updates (GovCloud)

Modified on

Juniper Mist on US GovCloud addresses specific regulatory and compliance requirements of US government agencies at the federal, state, and local level; contractors; educational institutions; and other US customers that run sensitive workloads in the cloud. Currently, this environment is “In-process” on the FedRAMP marketplace for Impact level “Moderate”.

This page lists the Juniper Mist updates released on US GovCloud on May 31, 2024.

DHCP Relay configuration in campus fabric topologies

We have extended the DHCP Relay functionality to Campus Fabric topologies. Earlier, network administrators had to enable DHCP Relay on each switch in a fabric from the Switch Details page. With this functionality generally available, you as a network admin can do this once from the DHCP Relay tile on the Network Settings tab of the campus fabric configuration page. The DHCP Relay tile has the following options:

  • Enabled—Configures DHCP relay on all the IRB-enabled devices in campus fabric. This option allows you to enable DHCP Relay on networks that you selected. The network will be populated inside the DHCP Relay tile if it is listed on the Networks tab on the same page.

  • Disabled—Disable DHCP relay on the devices in campus fabric. When you select this option, the DHCP relay is disabled on all the IRB-enabled devices. Note that selecting this option will remove the locally defined DHCP Relay on the Switch Detail page.

  • None—This option is automatically selected when the campus fabric topology has a mix of devices in terms of the DHCP relay configuration; that is, some devices have the DHCP relay enabled, some have it disabled, and some do not have it defined. This option will be visible for all Campus Fabric topologies that have DHCP Relay locally defined on individual switches.

You can remove all the locally defined DHCP Relay networks by selecting Enabled > “Remove all existing device level DHCP Networks“. You can simplify the DHCP Relay deployment by centralizing any configuration change from the campus fabric workflow.

When you enable DHCP relay in a campus fabric configuration, it is enabled on all the IRB-defined devices in the fabric and disabled on the rest of the devices, as listed below.

  • In EVPN Multihoming topologies, DHCP relay is enabled on collapsed core devices and disabled on the rest.

  • In Campus Fabric Core-Distribution (CRB) topologies, DHCP relay is enabled on core devices and disabled on the rest.

  • In Campus Fabric Core-Distribution (ERB), DHCP is enabled on distribution devices and disabled on the rest.

  • In Campus Fabric IP Clos edge topologies, DHCP is enabled on access devices and disabled on the rest.

Port mirroring in switch rules

You can configure port mirroring as part of the switch rules in the Select Switches Configuration section in the switch templates at the organization level (Organization > Switch Templates), site level (Site > Switch Configuration), and device level. This feature allows you to dynamically apply port mirroring on switches that match the parameters such as the switch role, switch name, and switch model as specified in the rules. Port mirroring is a method of copying and sending network packets transmitted as input from a port (or a VLAN) to another port (or a VLAN) of a switch. It is a network monitoring technique implemented on network switches and similar devices. When port mirroring is enabled, the switch sends a copy of the network packet from the mirrored ports to the monitor port. This feature is typically used for monitoring and intrusion detection. In the port mirroring configuration, you can specify the following:

  • Input: The source (an interface or network) of the traffic to be monitored. Along with the input, you can specify whether you want Mist to monitor the ingress traffic or the egress traffic for an interface. If you want both ingress and egress traffic to be monitored, add two input entries for the same interface – one with the ingress flag and the other with the egress flag.
  • Output: The destination interface to which you want to mirror the traffic. You cannot specify the same interface or network in both the input and output fields.

IPv6 Underlay Support for Campus Fabric

Campus fabric topologies in Mist now support IPv6 in the underlay. The following topology types support IPv6:

  • EVPN Multihoming
  • Campus Fabric Core-Distribution (ERB)
  • Campus Fabric IP Clos

You can enable IPv6 from the Topology tab of the Campus Fabric configuration.