Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.4R2-S1: Software Release Notification for Junos Software Service Release version 17.4R2-S1

0

0

Article ID: TSB17448 TECHNICAL_BULLETINS Last Updated: 11 Oct 2018Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX/EX/MX/PTX/QFX/NFX/SRX
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 17.4R2-S1 is now available.

The following are incremental changes in 17.4R2-S1.

 
PR Number Synopsis Description
1361483 The backup port on an EX4300 may become unstable after software upgrade. In a rare situation and interface could be connected to a peer device support active and standby interface (similar to redundant trunk group RTG). The backup interface on the remote peer become active when the active link of the interface group goes down.
1364477 The kernel might crash after repeatedly deactivating/activating interfaces/filter/class-of-services configurations due to accessing stale memory entry The kernel might crash with a core dump after repeatedly deleting/setting/deactivating/activating interfaces/filter/class-of-services configurations using an automated script. Since the issue is not seen in the initial 2-5 iterations, the probability of hitting this issue is very low.
1367477 The FPC might go down on some vmhost based PTX/QFX platforms On PTX1000/PTX10001-20C/PTX10002-60C/QFX10002-60C, the Flexible PIC Concentrator (FPC) might reboot which might result in the FPC not coming up or the system becoming unresponsive.
1368788 In dual-homed NG-MVPN the receipt of Type 5 withdrawal removes downstream join states for some routes. In a NG-MVPN with spt-only scenario with two type 5 exists and one of them is withdrawn. The multiple type 5 exists due to both PE routers connected via MSDP mesh and gets a MSDP SA route to indicate source is active.
1369011 The dcpfe might crash and all interfaces flap due to this QFX5110 may generate DCPFE core and as side effect all interfaces will flap.
1370182 RSVP authentication interop problem between some Junos releases may cause traffic loss during local repair When RSVP authentication is configured and routers with Junos release >= 16.1 and Junos release < 16.1 co-exist in the network, then RSVP message authentication errors may occur during local repair of an LSP. This can then result in traffic loss.
1374321 LLDP might stop fully working between QFX10000 and non-Juniper device On QFX10000 platform with LLDP enabled, when an L3 interface is configured with vlan tagging, an 802.1q header is added to an LLDP packet when sending out from the interface. LLDP might stop fully working between QFX10000 and non-Juniper device (such as Cisco ASR9K).
1374478 FPC might be unable to work properly if one child interface is removed from an AE bundle in dynamic VLAN subscriber scenario On MX platform which supports next-generation subscriber management, if the Aggregate Ethernet (AE) bundle has multiple child interfaces which are located in the same Packet Forwarding Engine (PFE) complex, e.g. ge-1/0/0 and ge-1/0/1, when dynamic VLAN subscriber gets online from the AE bundle, then one physical child interface is removed out of the AE bundle, e.g. ge-1/0/0, the Flexible PIC Concentrator (FPC) might keep reporting error logs, and the statistics on the dynamic VLAN flow also won't get incremented. Therefore PFE might be unable to work properly due to this issue.
1376354 The rpd process might crash continuously if nsr-synchronization or all flag is used in RSVP traceoptions Applying Resource Reservation Protocol (RSVP) traceoptions with nsr-synchronization flag or all flag on a Nonstop Active Routing (NSR) enabled device may cause the rpd process to crash due to memory corruption. The memory corruption occurs when size of received RSVP Path message being replicated from master routing engine(RE) to standby RE is greater than 768 characters.
1377521 DHCP Discover packets might be dropped if there is VXLAN configured On QFX5000/EX4600 platforms, if changing an interface from Virtual Extensible Local Area Network (VXLAN) to a member of an Aggregated Ethernet (AE) interface, the Dynamic Host Configuration Protocol (DHCP) relay would not work and the DHCP client would not get IP address normally.
1379129 Radius VSA's, Actual-Data-Rate-Downstream and Actual-Data-Rate-Upstream values are not complaint with RFC 4679. Radius VSA's, Actual-Data-Rate-Downstream and Actual-Data-Rate-Upstream sent from LNS with 8 byte value field instead of 4 bytes as specified by the RFC 4679. However on the MX provisioned as a LAC or PPPOE server, these values are sent with correct length.
1379558 The rpd process might crash after executing commit the configuration related to mapping-server-entry In a LDP (Label Distribution Protocol) network with gradual deployment of segment routing (a.k.a. LDP mapping server feature), the rpd process might crash after executing commit the configuration related to "mapping-server-entry prefix-segments/prefix-segment-ranges" with the maximum number of entries exceeded (16 for 17.4 and 64 for 17.4R2 onwards).
1380783 L3VPN traffic will be dropped due to selector weight was set to 65535 after one Core-facing interface was down L3VPN traffic will be dropped due to selector weight was set to 65535 after one Core-facing interface was down
1380799 Higher level OAM CFM between CE might not work in VPLS scenario In VPLS scenario, if the OAM CFM (connectivity-fault-management, i.e., 802.1AG) level between CE and CE is higher than the level 3 between CE and PE, and 'action profile' is configured between CE and PE, the PDU (protocol data unit) of OAM CFM between CE might be dropped in PE, resulting in failure in Ethernet OAM between CE.
1380862 Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049) Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049); Refer to https://kb.juniper.net/JSA10883 for more information.
1381017 The dot1x does not work with Microsoft NPS server On EX series platforms, if Protected Extensible Authentication Protocol (PEAP) is configured in dot1x, and the authentication server is Microsoft Network Policy Server (NPS), then the dot1x authentication will fail.
1381527 Constant memory leak might lead to FPC memory exhaustion On MX/EX9200 platforms, constant memory leak might occur on a Flexible PIC Concentrator (FPC), and such condition might finally lead to memory exhaustion and the FPC would core.
1382727 The PFE might crash if the GRE destination IP is resolved over another GRE tunnel On QFX10k Series platforms, the Packet Forwarding Engine (PFE) might crash if the Generic Routing Encapsulation (GRE) tunnel destination IP is resolved over another GRE tunnel.
1384517 The dcpfe process might crash while changing MTU of physical ports for GRE On QFX10000 and QFX10008 with generic routing encapsulation (GRE) tunnel deployed, maximum transmission unit (MTU) change of physical interface for GRE tunnel might cause the dcpfe process to crash and impact traffic.
1385204 Ingress LSPs down due to CSPF failure Ingress LSPs down due to CSPF failure if the higher priority protocol does not have a route. (But lower priority protocol has a route).
1389569 PTX5K/PTX1K/PTX10K/QFX10K -- excessive bfd flap observed with 'Local diag: CtlExpire Remote diag: None Reason: Detect Timer Expiry' errors With inline BFD configured on PTX or QFX10K platform, BFD sessions may reset continuously.
Modification History:
First publication date 2018-10-11
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search