
17.2R1-S7: Software Release Notification for Junos Software Service Release version 17.2R1-S7

Article ID: TSB17483 TECHNICAL_BULLETINS Last Updated: 07 Dec 2018 Version: 2.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, VMX, VRR
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as needed and follow the prompts
Solution:

Junos Software Service Release version 17.2R1-S7 is now available.

The following are incremental changes in 17.2R1-S7.

 
PR Number Synopsis Description
1284850

RE may crash during NH addition in race condition.

When the RE switchover is performed, the new master performs the NH additions corresponding to the routes being programmed on the system. During the unicast NH programming, there is a potential race condition in which the memory pointer associated with the relevant NH parameters might return a NULL value and trigger a kernel crash.

1297728

The mgd process might consume high RE CPU when certain show commands are executed

On running certain commands that involve command-forwarding, an MGD process is created to retrieve the data. In rare cases, if this command times out or if it is manually terminated (example: using Ctrl+C), it can cause MGD to utilize high RE CPU.

1304627

JDISwitchingReg : DSCP Value changes are not reflected in LLDP PDU

After modifying the DSCP value in the classifier, the value is not getting reflected in LLDP PDU TCP dump.

1311875

PTX10K: an FPC may restart without a warning when the speed on an interface is changed by configuration

Without the fix, whenever a user changes PIC or port speed, the affected FPCs will restart automatically. With this change, an alarm is raised and user intervention is required for the change to take effect.

1315066

The rpd might constantly consume high CPU in BGP setup

On all platforms with Border Gateway Protocol (BGP) configured, if BGP routes are queued to send to any peer (this could be caused by simply having network churn), the rpd might constantly consume high CPU (98%).

1322535

The rpd might crash when two nexthops are installed with the same Next hop index

When two nexthops are installed and they have the same Next hop index in kernel, an rpd crash on the master RE might happen.

1324531

The memory leakage seen in mosquitto-nossl daemon

In Message Queue Telemetry Transport (MQTT) scenario, the memory leakage (about 4k memory leakage every 30 seconds) might be seen. However, on very long runs, this uses up high memory which can indirectly impact other daemons running.

1331185

The dcd process might crash due to a memory leak and cause commit failure

In some situations, such as multiple commits in a short time with a scaled configuration, a dcd memory leak might occur. This could cause the commit to fail.

1333570

The "dead" next-hop may be seen in BGP-LU scenario

In a BGP Labeled Unicast (BGP-LU) scenario, if the device works as the penultimate hop and receives BGP-LU routes with an indirect next-hop from an egress router, then after the operational next-hop interface corresponding to those labeled routes flaps, a "dead" next-hop type (a discard action is performed for this type) may be set for the related clone routes (s=0) and remain there even after the next-hop interface is operational again.

1335349

Commit might fail with error message from commit script handler

With commit script configured, commit may fail after continuous commits.

1336946

The command "set protocols lldp neighbour-port-info-display port-id" might not take effect

When configuring "lldp neighbour-port-info-display port-id", it might not display the Port Identification TLV in the Port info field of the "show lldp neighbors" CLI command.

1337849

Rpd might crash if SRLG information is in the protocol ISIS

On all platforms with Shared Risk Link Group (SRLG) configured, if the SRLG information is in the protocol Intermediate System to Intermediate System (ISIS), rpd might crash.

1338559

After a MPLS LSP link flap and local repair, a new LSP instance is tried to be signaled but it may get stuck

After a Resource Reservation Protocol (RSVP) Multiprotocol Label Switching (MPLS) Label Switched Path (LSP) link flaps (the link goes down and comes back up), RSVP tries to create a second MPLS LSP instance. If the Resv/PathErr message is dropped for the second MPLS LSP instance, that instance is stuck and no further optimizations are possible.

1338688

MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces (CVE-2018-0056)

MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces (CVE-2018-0056); Refer to https://kb.juniper.net/JSA10890 for more information.

1339567

JSA10879 2018-10 Security Bulletin: Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration (CVE-2018-0045)

RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration (CVE-2018-0045); Refer to https://kb.juniper.net/JSA10879 for more information.

1341650

While downgrading a JunOS platform from a later release, the router goes into amnesiac state

While downgrading a JunOS platform from a later release to 17.3R2-S2, the box goes into amnesiac state. This issue is not seen when upgrading from 17.3R2.

1342707

Transition of VRRP backup to master may result in dead next-hops

In a Virtual Router Redundancy Protocol (VRRP) scenario, the backup router resolves the destination to the VRRP virtual media access control address (VMAC), which resides on the master router. When the backup transitions to master, it has to own the VMAC. In this scenario the kernel deletes the earlier next hop (NH) entries, which point to the VMAC due to Proxy ARP (Proxy Address Resolution Protocol), to program the PFE as per the latest VRRP transition. If any user route points at this NH, it ends up being a route with a dead NH, which leads to traffic loss to that destination.

1344177

JSA10882 2018-10 Security Bulletin: Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support (CVE-2018-0048)

Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support (CVE-2018-0048); Refer to https://kb.juniper.net/JSA10882 for more information.

1349157

Some LSPs might be stuck on the upstream devices after interfaces flap occurs on downstream devices

If the interfaces on a downstream device are flapped, some LSPs might be stuck on the upstream devices even if the LSP's state is UP.

1349167

Rpd crash might be seen after executing RE switchover

On all platforms with GRES enabled, if a scaling number of BGP peers is brought up, an rpd crash might be seen after executing RE switchover.

1350401

The ZTP process might cause the black holing of the traffic

After executing Zero Touch Provisioning (ZTP) on EX/QFX Series switches, the stale DHCP route (generally identified as 0.0.0.0/0 with the mark of [access-internal] in the route information) might not be deleted if Auto Image Upgrade (AIU) fails temporarily before eventually succeeding. In such an error condition, it will cause black holing of the traffic. The AIU failure and restart might be due to the following scenarios: - Insufficient options from the DHCP server; - File fetch failure from the file server (ftp, tftp, http failure); - Image installation failure; - Configuration apply failure (in case of no image installation).

1350941

Rpd might crash when BGP route damping and BGP multipath feature are configured

The Routing Protocol Process (rpd) might crash with a core dump if BGP route damping and the BGP multipath feature are configured. The active route is deleted but not freed due to damping, and then the active route resurfaces later, which causes the issue.

1351334

JSA10892 2018-10 Security Bulletin: Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address) (CVE-2018-0057)

Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address) (CVE-2018-0057); Refer to https://kb.juniper.net/JSA10892 for more information.

1354582

The alarm errors might be seen during the bootup on QFX10000

On QFX10000 Series switches, during the bootup, some errors might be seen if the FPC has any link which is not up.

1355299

Packets destined to RE might be dropped in the kernel when LACP is configured

Packets destined to the master RE (Routing Engine) might be dropped in the kernel due to excessive network traffic on the internal Ethernet interface. This excessive traffic results from LACP (Link Aggregation Control Protocol) reprogramming all the LACP member links periodically at a 30 second interval.

1355542

Commit error observed if box is downgraded from 18.2/18.3 release to 17.3R3

A commit error is observed if the box is downgraded from an 18.2/18.3 release to 17.3R3. On loading the new image, certain stale symlinks from the previous image contents that impact mgd need to be removed. In this case, the .slax script symlinks from /var/db/scripts/translation are not removed, which causes issues in the initial commit by mgd. The issue is only seen when the previous image had translation scripts (as part of the Junos image) and the new image does not have these translation scripts.

1357427

RE switchover during backup RE being not GRES ready might cause linecard restart, RE kernel crash and multiple chassisd crashes

On all Junos platforms with dual Routing Engines (RE), if Graceful Routing Engine Switchover (GRES) is enabled to provide High Availability (HA) protection, the backup RE (RE1) might be out of synchronization with the master RE (RE0), and the kernel state in the backup RE (RE1) is not cleaned due to a software defect. After staying in this state for a long time, once a keepalive timeout is detected between the master and backup RE, the backup RE (RE1) will take over mastership. All the line cards will be restarted when they connect to the new master RE (RE1) after switchover because of the missing master-backup synchronization. The new master RE (RE1) might then crash due to some data structure field overflows in the kernel, since the kernel state has not been cleaned for a long time. After that, the original master RE will take mastership back again. The issue will cause complete traffic loss.

1361550

rpd stuck at 100% after clear bgp neighbor operation

When a peer is being established and it needs to catch up with other peers which have received many more updates, the merge code will verify that the routes are to be announced. If none of the prefixes are to be announced before it has processed its fair share of entries, we will start from the beginning again. This is much more likely to be hit in a situation where there is zero route churn.

1362560

The route stuck might be seen after BGP neighbor and route flapping

This is a route installation failure case that is not handled properly in a BGP multipath scenario. It might cause traffic loss.

1362653

Traffic might not be forwarded when the member link of the AE is added or deleted

On the QFX10000 platform with IRB enabled, traffic might not be forwarded on some of the child members when a member link of the AE is added or deleted.

1364391

On QFX10008, QFX10016, PTX1000, PTX5000, PTX10008, PTX10016 platforms, MPLS exp rewrite might not work for IPV6 and IPV4 traffic

On QFX10008, QFX10016, PTX1000, PTX5000, PTX10008, PTX10016 platforms, MPLS EXP rewrite might not work properly when the child members of an aggregate interface are in different FPCs.

1365653

The LSP might remain UP even if no path is acceptable due to CSPF failure

In Resource Reservation Protocol (RSVP) scenario, the label-switched path (LSP) might remain UP even if no path is acceptable due to Constrained Shortest Path First (CSPF) failure. There are two scenarios which may result in CSPF failure. Scenario 1 with MBB: optimization timer fires during make-before-break (MBB). Scenario 2 without MBB: A link/IGP flap causes CSPF, but it depends on timing.

1365740

Root password recovery process doesn't work

On QFX5110/QFX5200/QFX10000 platforms, the JUNOS Boot menu does not appear because 'CTRL+C' does not bring up the menu during the boot process. The root password recovery option might not be available.

1366562

The next-hop of MPLS path might be stuck in hold state which could cause traffic loss

If an MPLS path uses an IPv6 next-hop, the next-hop might be stuck in hold state in the following scenario: Initially the router triggers IPv6 Neighbor Discovery (ND) but the neighbor advertisement from the peer is not received. Eventually the neighbor state moves to 'unreachable' and the next-hop of the MPLS path using this neighbor becomes rejected. After this, if the router receives a neighbor solicitation message from the peer, the neighbor state moves to reachable in the IPv6 neighbor table. The IPv6 module should notify the MPLS module of the change, but the notification is missed. This causes the next-hop of the MPLS path to be stuck in hold state.

1368986

Commit may fail in single-user mode

If the device is booted into single-user mode (recovery mode), and any change in configuration is made, such as setting the root password, then commit will fail.

1374102

LSP with auto-bandwidth enabled goes down during HMC error condition

On PTX or QFX10K platforms, when an HMC (Hybrid Memory Cube) error occurs, LSPs (Label Switched Paths) might go down due to an incorrect bandwidth being requested for auto-bandwidth adjustment.

1377526

Traffic traversing an IRB is not tagged with a VLAN if the packets go through an additional routing-instance

Traffic traversing an IRB is not tagged with a VLAN if the packets go through an additional routing-instance.

1378392

Traffic might be dropped on third-generation FPCs on PTX

On PTX with third-generation FPCs, if optics not certified by Juniper Networks (NON-JNPR) are used and there is a specific traffic pattern with congestion, traffic might be dropped.

1380862

JSA10883: Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049)

Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash (CVE-2018-0049). Please refer to https://kb.juniper.net/JSA10883 for more information.

1387724

Default route configured gets deleted during ZTP

During the Zero Touch Provisioning (ZTP) process, the default route is cleaned up by code. Because of this, if a static default route is configured in the initial configuration (the configuration file downloaded from the file server for ZTP), the route will fail to work. This might lead to ZTP failure or a device access issue after ZTP.

Modification History:
First publication 2018-12-07