Knowledge Search


×
 

18.1R3-S2: Software Release Notification for Junos Software Service Release version 18.1R3-S2

  [TSB17488] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, VMX, VRR, VSRX
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.1R3-S2 is now available.

The following are incremental changes in 18.1R3-S2.

 
PR Number Synopsis Description
1300796

DCD Micro BFD seems to be failing in dcd_commit_check log file even when BFD is not configured

These logs are debugging logs and doesn't indicate an error condition. When Micro BFD is configured they give debugging info regarding the local address configuration and commit checks. The issue here is that these logs are being populated even if Micro BFD is not configured. This PR adds a check in the Junos code, to make sure that these logs are not populated unless Micro BFD is configured on the AE interface.

1303393

Internal latency is high during initial subscription of sensors

Internal latency is high during initial subscription of sensors when multiple sensors (in order of 15-20) are subscribed together. This is not observed with lesser number of subscriptions. This is for a small period when sensors are being installed.

1323306

The BGP session might be stuck with high BGP OutQ value after GRES on both sides

From 16.1 or above release, when both sides of a BGP session are doing NSR RE switchover simultaneously (double failures), depending on the configuration and scale, there is a chance the BGP session may stuck and BGP PDUs can't be exchanged. The permanently stuck OutQ are seen which is a typical symptom for this issue. This is because both sides are waiting for socket record boundary. Both sides are waiting to drain their partially written PDU. Due to this bug, neither side read at this state, leading to permanent stuck.

1323323

Port 0 does not come up in Qfx5100-48t member in mixed VCF

Port 0 of Qfx5100-48t does not come up in mixed VCF. As a workaround, use "phy diag xe0 dsc" command as of now from BCM shell upon reboot which brings up the port and stays up continuously until the next reboot

1337304

The rpd might crash when BGP neighbor is flapping

In rare cases, rpd might crash during the times of excessive neighbor session instability (flapping).

1339481

JDI-RCT:T/PTX:multicast traffic packet drop seen more than 50 percent.

The issue is with interop of broadway with paradise based line cards. As per discussion with systest, will target to fix in 18.1R2, marked 18.1R2 as MR blocker since problem is not root caused yet and the setup is down.

1345720

The rpd might crash when doing RE switchover with NSR and logical-system configurations

When doing RE switchover with NSR (nonstop-routing) and logical-system configurations, rpd core might happen. This issue is platform independent. And it would cause traffic or service impact.

1357591

Control traffic loss may be seen on SRX4600 platform

On SRX4600 platform, FPC major error may be observed after system initializes like system reboot/power on, which will cause the device to potentially discard control traffic.

1361114

On EX2300/EX3400, if L2PT is configured and user wants to enable LLDP, then user needs configure LLDP individually on the port

On EX2300/EX3400, if L2PT is configured and user wants to enable LLDP, then user needs configure LLDP individually on the port. Interface all option does not work. There is no functional impact.

1361800

The PPM mode for BFD session in EX4300 is centralized and not distributed by default

Periodic packet management (PPM) is responsible for processing a variety of time-sensitive periodic tasks so that other processes on the EX Series switch can more optimally direct their resources. It has two modes: distributed PPM and non-distributed (centralized) PPM. The distributed PPM should be enabled by default (such as, in 14.1 or prior to 14.1 version). But BFD session over IRB (integrated routing and bridging) runs in centralized mode instead of running distributed mode in some versions. It may not cause service impact since the BFD sessions will come UP fine. However, when the RE CPU is very busy or when configured intervals are less than 300 ms then BFD sessions running over IRB may flap since the sessions are not distributed. Also, during RE switchover cases these sessions may flap if the configured intervals are less than 2.5 secs.

1364020

QFX52100: Filter with routing-instance applied to family inet logical interface (IFL) causes traffic to be discarded on unrelated interfaces.

QFX52100: Filter with then routing-instance applied to family inet IFL causes traffic to be discarded on unrelated interfaces

1364246

FPM board status is missing in SNMP mib walk result

On EX9xxx, or MX240/480/960 platforms with FPM board, FPM board status is missing in SNMP walk result.

1365709

In case of MPLS ,DMR packets are sent with different mpls exp bits if MX receives CFM DMM packets with varying exp values on MPLS header

When below conditions are met, after traversing through MPLS network, if CFM DMM packets arrive with varying exps value on MPLS header, DMR packets sent with different MPLS exp bit. The varying bit may cause VLAN priority bit viariation, then impact the receiver end, if receiver only matches one particular priority bit. 1/ CFM delay measurement is configured on CE facing AE interface 2/fixed forwarding-class is not configured on interface COS setting.

1366579

QFX5120/EX4650: The command output "show pfe route summary hw" will be shown different scale values for the ipv4 and ipv6 lpm routes rather than the supported scale

QFX5120/EX4650: when configured UFT profile "lpm-profile prefix-65-127-disable"/"lpm-profile" the command output "show pfe route summary hw" will be shown different scale values for the ipv4 and ipv6 lpm routes rather than the supported scale. Supported scale is as follows: lpm-profile prefix-65-127-disable IPv4 <= /32 IPv6 <= /64 IPv6 > /64 Enabled 351K (360,000 approx) 168K (172,000 approx) 0k Disabled 168K (172,000 approx) 64K (65524 approx) 64K (65524 approx)

1368208

The 'Normal discards' pfe statistics traffic counter might increase at a higher rate when Inline-Jflow or sFlow is enabled

The 'Normal discards' pfe statistics traffic counter might increase at a higher rate when Inline-Jflow or sFlow is enabled. This has no operational impact and is a purely cosmetic issue.

1369635

MPC5E restarted at trinity_pio_io_func, pio_read_u32, xqchip_read_u32, xqchip_issu_disable_q_stats, qchip_issu_disable_q_stats, issu_asic_prepare (pfe_idx=0 '\000') at ../../../../src/pfe/common/applications/issu/jam/issu_jam_npc_pfe.c:65

In some configurations, ISSU prepare time on MPC5E takes longer than usual. As a result, the chassisd triggers restart/crash of the MPC . The ISSU completes after the crash.

1369646

error: peer_daemon: bad daemon: scpd on EX9251 running 18.1R1 and 18.1R2

the scpd process is not running in EX9251. So, the CLI throws an error while trying to fetch details from the process scpd in recent releases.

1369705

The rpd might crash in EVPN scenarios when configuring EVPN

In EVPN (Ethernet VPN) scenarios, rpd (routing protocol daemon) might crash and generate a core dump due to a memory allocation problem.

1369785

MAC move might occur in DHCP security scenario

On EX4300/EX4600/QFX Series switches except QFX10000, in DHCP security with override no-option82 scenario, if the DHCP packets from DHCP clients are received from the DHCP snooping trust interface (by default, all trunk ports on the switch are trusted), such packets might be sent back on the same interface, resulting in the MAC move of the source MAC on the other L2 devices.

1372877

Image installation on SD fails with error " Unable to read reply from software add command to re1; error 1"

Upgrading satellite devices (SDs) with "upgrade-groups" option may fail if any of the SD already has that SNOS software version.

1373855

LDP convergence delay might be seen after IGP metric change with knob bgp-igp-both-ribs configured

In a large-scale BGP/LDP environment with 'protocols mpls traffic-engineering bgp-igp-both-ribs' configured, when IGP metric of interface is changed by configuration modification (commit), the metric change could get propagated to LDP slowly, leading to long delay of LDP convergence.

1374436

TPI-50840: qfx5110 ethernet-switching flood group shows incorrect information

TPI-50840: qfx5110 ethernet-switching flood group shows incorrect information

1375030

"PE Chip:pe0[0]: IPW: oversize_drop error" causes Major error on FPC

PTX routers with FPC3s that encounter oversize_drop errors will trigger an FPC Major alarm with each error seen. The alarm should clear on its own. The severity of this alarm is being reduced as there is no lasting impact to the FPC.

1376366

PFE wedge may be observed if there are interfaces going to down state

On QFX10000 or certain PTX series platform, FPE may get wedged if there have many interfaces (e.g. more than 35) with the physical/operational state going to down, for which the LACP "force-up" parameter is enabled and admin state is still up meanwhile.

1378818

After NAT64 router (with MS-MPC) translates an ipv6 fragment to ipv4 fragment, router is not inserting the right value in identification field of IPv4 Header

After NAT64 router (with MS-MPC) translates an ipv6 fragment to ipv4 fragment, router is not inserting the right value in identification field of IPv4 Header

1379138

ARP request packets might be sent out with 802.1Q VLAN tag

ARP request packets might be sent out with 802.1Q VLAN tag even though the outgoing interface is access port.

1379657

Protocol adjacency might flap and FPC might reboot if jlock hog happens

On all platforms and in scaled scenario, if doing some operation which causes jlock hog, the protocols protocol adjacenecy might flap and all the FPCs might reboot.

1379718

Host destined packets with filter log action might reach the RE

On EX4300/EX4600/QFX Series switches except for QFX10k, if host destined packets (i.e, the destination address belongs to the device) come from the interface with ingress filter of log/syslog action (e.g., 'filter <> term <> then log/syslog'), such packets might not be dropped and reach the RE unexpectedly.

1380746

Packet drops on interface if the knob "gigether-options loopback" is configured

On MX ,EX9200 and SRX5K platforms, with the knob "gigether-options loopback" configured on interface, if the interface is connected using copper SFP (SFP-T), packet drops might be seen.

1380798

Daemon dfwd might crash with DFWD_TRASHED_RED_ZONE log messages

In certain scenario, memory corruption might occur in dfwd (the firewall daemon) due to large IFL (logical interface) ifstate messages. This can lead to DFWD_TRASHED_RED_ZONE messages reported in dfwd log and occasionally dfwd crashes.

1381487

After multiple link flap events, l2circuit stops forwarding with core interface flap

After multiple link flap events, l2circuit stops forwarding with core interface flap

1381545

The 40G-SR4 transceiver might not be recognized after upgrading to qfx5100e OS

On the QFX5100 platform, after upgrading from a 'qfx5100' OS to a 'qfx5100e' OS via CLI (not via USB media), the 40G-SR4 transceiver might not be recognized, resulting in the invalidation. The chassis must be power cycle off/on to recover.

1381580

The unicast traffic from IRB interface towards LSI might be dropped due to PFE mismatching at egress processing

On all Junos with Trio platforms, the unicast traffic might get dropped when it is passed from an Integrated Routing and Bridging (IRB) interface towards label switch interface (LSI) if the Aggregation Ethernet (AE) load balancing adaptive or per-packet is configured.

1382182

The MPC6E might crash while fetching PMC device states

PMC device is OTN framer which is sitting on the MIC6-100G-CFP2. While fetching PMC states, CPU might be hogged by the thread more than 2.5 sec. If this occurs, MPC6E might crash.

1383608

The DMA failure errors might be seen when the cache flush or the cache is full

The DMA failure errors might be seen when the cache flush or the cache is full. It might cause the device not to accept ssh credentials and Virtual-Chassis to go into the hang state.

1383665

Adjusting mac-table-size configuration may cause l2ald crash

Sometimes L2ald might crash when try adjusting mac-table-size configuration.

1383876

The VC could not come up after upgrading to QFX5E platforms (TVP-based platforms for QFX5100 or QFX5200 switches)

On QFX5100/QFX5200-VC (Virtual-chassis) scenario, if the switches upgrade to QFX5E platforms (TVP-based platform), and when the VC ports are connected to the expansion modules (PIC0/PIC1), all VC ports might be down and the VC could not come up.

1384524

Tune issue of SFPP-10G-DT-ZRC2 and SFPP-10G-CT50-ZR

On EX4600 or QFX5110 platforms, transceivers SFPP-10G-DT-ZRC2 and SFPP-10G-CT50-ZR might not be tunable and remain 1550.10nm by default in the hardware. In DWDM (Dense Wavelength Division Multiplexing) with Mux/Demux scenario, all optical power might be blocked, which results in interfaces down.

1385723

The IPv6 packet might not be routed when IPv6 packet is encapsulated over IPv4 GRE tunnel on QFX10000

On QFX10002/QFX10008/QFX10016 platforms, the IPv6 traffic might be dropped if the IPv6 over IPv4 Generic Routing Encapsulation (GRE) tunnel is configured because when an Interface family (IFF) member is removed on the Logical interface (IFL), the property of IFL to learn MAC is getting set to NULL which is causing ARP failure.

1386147

The spine EVPN routes might be stuck in a hidden state with next-hop as unusable after FPC is offline in the spine

After FPC1 (EBGP underlay and IBGP overlay) is offlined with redundancy FPC0 (EBGP underlay and IBGP overlay), EVPN routes go to hidden state from overlay BGP peer. After FPC1 bring back to the online state, EVPN routes are still in the hidden state.

1386873

The rpd might crash after issuing operational command "show route detail" for RIP route

The rpd might crash and core after issuing operational command "show route x.x.x.x/xx detail" for RIP route, the routing table will become unstable during the crash.

1386948

Uninitialized EDMEM[0x400094] Read (0x6db6db6d6db6db6d) logs seen with sampling applied to a subscriber with routing-service applied

Uninitialized EDMEM[0x400094] Read (0x6db6db6d6db6db6d) logs may be seen with sampling applied to a subscriber with routing-service applied

1387497

Bypass LSP is taking same SRLG colored path

Whenever the PLR router detects that a bypass tunnel originating from it has gone down because of RSVP ResvTear, it will attempt to re-signal the bypass tunnel over the same path. If the bypass tunnel came up within a short period, then the configuration of "Link protection re-optimization timer" will determine the further course of action on that bypass tunnel. However, if the bypass tunnel does not come up along the same path and if the router has not been configured to avoid running CSPF for the bypass tunnel, the router will compute CSPF for the bypass tunnel. If the protected TE link is down when such a CSPF is scheduled for execution, the Shared Risk Link Group (SRLG) information will not be available in TED for the CSPF to determine which SLRGs to avoid for the bypass tunnel. Hence that CSPF does not correctly avoid the SLRGs of the protected TE link while computing path. This results in the bypass tunnel coming up along a path that will turn out to be incorrect when the protected TE link comes up again.

1387519

QFX5K EVPN/VXLAN: Failed to forward the Ipv6 NS packet from remote VTEP to local host

When clear IPv6 neighbors is done on L3-GW box, IPv6 ND is not getting resolved on for hosts connected peer L2-GW box. This is because IPv6 NS packets coming on network interface over vtep on QFX5K acting as L2-GW is dropped and not forwarded to access network hosts. Work around to overcome this issue is to configure no-arp-supression on QFX5K L2-GW box.

1387593

Intra PoD traffic drop observed with trap code sw.egnh.cfg_discard and VXLAN/VTEP programming missing

On QFX10K platform configured with Ethernet Virtual Private Network (EVPN) and Virtual Extensible LAN protocol (VXLAN), traffic drop might be seen for the Virtual Tunnel End Point (VTEP) tunnel interface due to this issue. It might also lead to Packet Forwarding Engine (PFE) crash in some rare condition.

1387962

DCD core can be seen after FPC restart if channelized interfaces are configured.

If channelized interface coc1 is configured and FPC restart is performed then a core will generate and DCD restart can be seen. Currently we do not have any workaround for this issue. In case of all other interfaces core will not generate and normal behavior is seen.

1388324

ICMPV6 packets are not classified with static or multifield forwarding-class mapping.

ICMPv6 packets are hitting the dynamic ingress filter with higher priority, thus never reaching an MF or static classifier.

1389120

Unexpected packet loss might be seen for some multicast groups during failure recovery with both MoFRR and PIM automatic MBB join load-balancing features enabled

On all Junos platforms which support both Multicast-Only Fast Reroute(MoFRR) and PIM automatic Make-Before-Break(MBB) join load-balancing features, if both features are enabled, and there is an upstream link failure happening, unexpected packet loss might be seen during failure recovery for some multicast groups due to this issue.

1389379

FPC might crash when BGP multipath is configured with protection

When running with Border Gateway Protocol (BGP) multipath with protection configured, it is possible to encounter a situation where nexthops references are not properly decremented, thus causing the system to hold onto nexthops when they should be freed. This leads to a memory hog situation which eventually results in a Flexible PIC Concentrator (FPC) crash.

1389407

EX3400-VC - "Error tvp_status_led_set" and " Error:tvp_optics_diag_eeprom_read" logs occurred.

On EX3400-VC getting logs "Error tvp_status_led_set" and " Error:tvp_optics_diag_eeprom_read" for pic 1 and pic 2

1389411

MAC learning might stop working on some LAG interfaces

On QFX10000 platforms, MAC learning does not work on some LAG interfaces after frequent MAC moves

1389688

Layer 3 ip route might be deleted after L2 next-hop change is seen

On EX4300 platform, Layer 3 ip route would be deleted when L2 next-hop change is seen or PFE receives duplicate nexthop change messages (Examples can be the STP/LAG state change of interfaces). And it will cause traffic drop.

1389872

FPC might crash on QFX5100 and EX4600 platforms in a large-scale scenario

On QFX5100 and EX4600 platforms, if the size of the configuration is huge, when upgrade from a lower release to a higher one, the FPC might crash.

1390417

Forwarding issue on mixed link-speed AE interface after FPC reloads

On PTX series, in mixed link-speed AE interface scenario, if the FPC which hosts one of the member links of the AE reloads and after the FPC comes back, the member link of the AE on the FPC recovers to be up and joins the AE bundle, but the member link is not able to forward traffic, which results in uneven load-balance or black-hole of the AE interface traffic.

1390445

LSP "statistics" and "auto-bandwidth" functionality may not take effect with single hop LSPs

In an Multiprotocol Label Switching (MPLS) scenario, label-switched path (LSP) "statistic" and "auto-bandwidth" functionality may not take effect with single hop LSPs on QFX10000 platform.

1391568

The rpd crash might be seen if a BGP unresolved route is withdrawn

If an import policy is applied to a BGP neighbor and the policy has indirect IPv4 next-hop for IPv4 and IPv6 routes (IPv6 routes resolved over IPv4), when BGP unresolved route is withdrawn, rpd crash might be seen.

1391767

The rpd process may restart if non-BGP protocol route with an AS_PATH is used

An RPD process may restart with core files when processing a non-BGP route with AS PATH information with the following signature in its core file: "rt_notbest_sanity: Path selection failure on , 0x98aed50 recovering..."

1392550

The filter counter is not written to the accounting file when accounting is enabled on the bridge firewall filter

Whenever bridge firewall filter is configured and accounting is enabled on it, the filter counter is not written to the accounting file.

1393044

sdk-vmmd may consistent write to the memory.

sdk-vmmd may consistent write to the memory.

1393729

Certain builds of JUNOS do not allow you to upgrade or commit config changes when the SI service interface is used.

Certain builds of JUNOS do not allow you to upgrade or commit config changes when the SI service interface is used. 17.2R3, 17.4R2, 18.1R3, 18.2R2, 18.3.R1, 16.1R8, 16.2R3 are known to encounter this issue.

1393884

If FPGA on the new master CB has a specific hardware failure, the chassid might keep crashing after GRES switchover

On MX/EX/SRX platforms, after GRES switchover, if a chassis has bent-pin or failed Field Programmable Gate Array (FPGA) on the new CB has a specific hardware failure and fails to detect FPC presence properly, the chassisd might keep crashing.

1393937

IPV6 NH programming issue observed on QFX10016 device running on 15.1X53-D67 Junos version.

On QFX10K/PTX1K/PTX10K devices, when 6PE (the 'protocols mpls ipv6-tunneling' knob) is configured, the IPv6 Next-Hop installation might be incorrect and it might cause IPv6 traffic drop. 

1394259

The rpd process might crash when rp-register-policy is configured with more than 511 terms

On all Junos platforms, when rp-register-policy is configured for Protocol Independent Multicast (PIM) Rendezvous Point (RP), and the policy is defined with more than 511 terms, if the incoming register messages doesn't match initial 511 terms in the policy, but match the term afterwards, the rpd process might crash due to this issue, therefore impact normal routing functions and service.

1394380

L2ALD core seen when l2-learning traceoptions were enabled.

L2ALD core may be seen when l2-learning traceoptions are enabled. This occurs due to a race condition when l2ald log file is getting rotated and simultaneously l2ald trying to write a new trace log message. Issue may not get reproduce easily.

1394978

DRAM and Buffer utilization fields are not correct for QFX10000 platforms

"show chassis fpc" command displays a wrong amount of available memory on a QFX10000's FPCs.

1394982

[evpn_vxlan] [virtual_switch] show ethernet-switching vxlan-tunnel-end-point esi show large number of MAC-Count on qfx10k

show ethernet-switching vxlan-tunnel-end-point esi show large number of MAC-Count on qfx10k

1395098

The best and the second-best routes might have the same weight value if BGP PIC for inet is enabled

In BGP PIC (Prefix Independent Convergence) scenario, next-hop of unequal BGP multipath routes might have the same weight (0x1), resulting in unexpected load balance for traffic.

1395205

pccd process may crash and generate a core file

pccd process may crash and generate a core file when a pcupdate message is received with mandatory object missing.

1395368

The l2ald process might crash when doing "commit check" for some specific configurations

On all Junos platforms, if bridge-domain parameters are defined in routing-instance group and applied to a routing-instance via apply-group, at the same time, the routing-instance type is setting to be "virtual-switch", and no bridge-domain is configured in the routing-instance, the l2ald process might crash during executing "commit check" or "commit" for these configurations. The l2ald process will restart automatically and therefore impact related Layer 2 service. Due to this issue, all the further commits will be blocked until the offending configurations are removed.

1395943

After GRES switchover, LACP will be downed on peer device and never been recovered automatically

On VC series platform, RE switchover will cause LACP down on peer device as the LACP does not sync between master and backup RE.

1398320

Kernel core on VMX

On vMX platform, kernel core might be seen if the ifstate exceptions happen.

1398445

An absolute value of "delay-buffer-rate", configured on an inline LSQ interface, prevents the backup RE from booting up properly.

In the original implementation of inline LSQ (ICHIP), it was not possible to configure the "delay-buffer-rate" knob for buffer adjustment purposes. This restriction is not relevant for Trio family of ASICs anymore. The fix, committed as part of this PR, removes unneeded checks.

1398542

Invalid Layer 4 checksum might be observed on IPv4 packets generated by NAT64 with MS-DPC after translating fragmented IPv6 UDP/TCP packets

On MX-Series platforms wherever the MS-DPC or MS-PIC line card is used, when the router executes the NAT64 translation for the fragmented IPv6 UDP/TCP packets, invalid Layer 4 checksum would be observed on IPv4 packets generated by NAT64. The reason is that during fragmentation the first fragment`s next-header doesn`t point to the L4 information and hence wrong calculation is done at L4 checksum. And due to this invalid checksum, the traffic would be dropped.

1398873

The bbe-smgd process may core when executing "show pppoe lockout"

The bbe-smgd process may generate a core file when the "show pppoe lockout" command is issued from the CLI

1399184

All dcd operations might be blocked if profile-db is corrupt

In 'dynamic-profiles' scenario, if the profile-db is corrupt, all dcd operations are blocked. (e.g., not be able to add any interfaces). The device control process (dcd) is used to control the device's interfaces.

1399873

ARP refresh functionality may fail in an EVPN scenario

Address Resolution protocol (ARP) refresh functionality may fail in an Ethernet VPN (EVPN) scenario due to that the refresh packets with unicast destination MAC address sent from the device are not conformed with RFC5227 and discarded by the hosts with strict check on RFC conformity.

1401214

The UHP behavior is not supported for LDP to SR stitching scenario

In LDP to SR (Segment-Routing) stitching scenario, when connecting with a different vendor`s router who advertises P-Flag (no-PHP Flag, requires UHP behavior) in their Prefix-SIDs, the SR traffic destined to such neighbors could get dropped because the UHP (Ultimate-Hop-Popping) behavior is not supported in some versions of Junos platforms.

1404895

ARP/ND will not be resolved in case of native VLAN ID configured for LAG access interface

When native VLAN ID is configured for LAG access interface for L2 gateway case, ARP / ND will not be resolved and hence traffic will be dropped for that VLAN. No issue with native VLAN ID configured on normal xe / et interfaces (without LAG).

 
Modification History:
First publication 2018-12-17
Related Links: