Knowledge Search


×
 

18.1R3-S3: Software Release Notification for Junos Software Service Release version 18.1R3-S3

  [TSB17526] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, SRX, VMX, VRR, VSRX, Network Agent
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

The following are incremental changes in 18.1R3-S3.

 
PR Number Synopsis Description
1237006

BGP might not advertise routes on the existing BGP peer after adding Layer 3 VPN instance

If rib-group is configured under BGP, BGP might not advertise routes on the existing BGP peer after adding Layer 3 VPN instance. The "show bgp neighbor" shows that the neighbor state is stuck in "Send state: not advertising".

1284654

Migrate from syslog API to Errmsg API;/src/junos/usr.sbin/mspsmd

This is in an internal change as Syslog usage is deprecated, however, there may be customer impact due to syslog usage in automation. Applications have migrated to tracing for engineering debug messages or ERRMSG for customer useful/relevant messages. The customer is advised to migrate to new ERRMSG definitions as appropriate. mspsmd daemon has migrated out of syslog to ERRMSG.

1301849

The rpd might crash by executing the command of "show route extensive" during deleting ISIS configuration

The rpd might crash by executing the command of "show route extensive" during deleting ISIS configuration

1322082

PTX10K: For 100G LR4 Optics with part number 740-061409 change 'show chassis hardware' display to QSFP-100G-LR4-T2.

On PTX10K 100G LR4 optics with Part Number 740-061409 will show as QSFP-100G-LR4-T2 instead of QSFP-100G-LR4 and optics which shows as QSFP-100G-LR4 is not supported on PTX10K

1326902

IfSpeed and IfHighSpeed erroneously reported as zero on EX2300.

On a EX2300 switch, the IfSpeed and IfHighSpeed MIB values might be incorrectly displayed during an SNMP get operation.

1338647

Error drops in XM/MQSS fabric streams(q-node stats) are not accounted in class-of-service fabric stats

The output of the cli command "show class-of-service fabric statistics" now includes traffic that was dropped because of internal errors in the drop counts

1341720

The VRF static route might not be exported when route-distinguisher-id is used on RR in BGP L3VPN scenario.

In Border Gateway Protocol (BGP) Layer 3 Virtual Private Network (L3VPN) scenario, on the Route Reflector (RR) with Virtual Routing and Forwarding (VRF) instance deployed, the VRF static route might not be exported to bgp.l3vpn.0 table correctly. Hence the static route could not be advertised to remote device.

1352504

Large-scale users' login and logout may cause mgd memory leak

The mgd memory usage is shown as increased by about 450 MB over the weekend (greater than 72 hours).

1353583

Traffic loss might be seen on new master after the interface flaps followed by RE switchover in VRRP scenario

VRRP MAC filter will not be seen in PFE if interfaces flap followed by GRES, before VRRP state settles down after flap. During this time VRRP state is backup in master-RE and VRRP state is idle in Backup-RE.

1356423

Command "show system virtual-memory | display xml validate" displays errors

xmlised output of "show system virtual-memory" was created under a single container(for each table format) with repeated tag names. Because of the repeated tag names in the same container xml validation was failing. Added changes to xmlise each row output of table format in a seperate container.

1362271

The MS-MPC might reset continuously on MX platform.

On MX platform with MS-MPC installed, the PIC might reset continuously for MS-MPC due to this issue, which will lead to core file generated as well.

1365034

ACX5k: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed) Reason : Invalid parameter after configuring lpm-profile.

In ACX5000, some next-hop routes not getting installed properly, reporting message "Failed to h/w update ip uc route entry" In LPM mode, for default route if route changes from ecmp to non-ecmp HOLD nexthop, PFE gets into a corrupted ecmp nexthop. We fix the NH index issue and fixed some issues related to handling ipv4 vs ipv6 default routes for LPM.

1366106

PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup

PoE (Power over Ethernet) over LLDP (Link Layer Discovery Protocol) negotiation is not supported in Junos Fusion Enterprise (JFE) setup. The issue results in powering up failure when a device makes PoE over LLDP negotiation with the JFE.

1367588

OAM Ethernet connectivity-fault-management configured on ae interfaces is not supported but no commit error

OAM Ethernet connectivity-fault-management configured on ae interfaces is not supported but there is no commit error pop up.

1369646

error: peer_daemon: bad daemon: scpd on EX9251 running 18.1R1 and 18.1R2

the scpd process is not running in EX9251. So, the CLI throws an error while trying to fetch details from the process scpd in recent releases.

1370337

"MIC Error code: 0x1b0001" alarm is not cleared after the voltage has returned to normal on MPC5E

The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC5E

1372421

The dot1xd might crash when dot1xd receives incorrect reply length from the authd

On Junos OS platforms with supporting dot1x, the dot1xd core-dumps might be seen when it receives the reply from the authd and reply length is less than 28 Bytes.

1373025

ping overlay - RPC Error (illegal option ? X?)

ping overlay - RPC Error (illegal option ? X?)

1376060

MS-MPC might have performance degradation under scaled fragmented packets

On MX Series platforms with MS-MPC, it might have performance degradation if the MS-MPC receives scaled fragmented packets.

1376612

CI: Not generating Power Supply failed trap

SNMP Traps for a failed power supply (PEM / PSU) may not be generated nor sent.

1376750

EX4300 / upgrade fails during validation of slax script while upgrade.

While upgrading the EX4300 chassis, on certain JUNOS we would notice upgrade fail during validation. This is seen in the presence of event script on the chassis. This issue was happening as a result on incorrect symbolic link in the function which gets triggered while attempting an upgrade in presence of script. This has been fixed through upcoming JUNOS.

1376804

ECMP route installation failure with log messages like unilist install failure might be observed on EX4300 device

On EX4300 devices with two ECMP interfaces, if multiple iteration happens for one interface link goes down/up, stale ECMP entries might not be deleted and still be seen in hardware due to the next-hop delete failure and unilist install failure.

1377749

In EVPN A-A scenario with MX or EX acting as PE device,flood NHs to handle BUM traffic may not get created or miss certain branches when the configuration is performed in a particular sequence

In EVPN A-A scenario with MX or EX acting as PE device,flood NHs to handle BUM traffic may not get created or miss certain branches when the configuration is performed in a particular sequence

1380084

The overlay-ecmp might not work as expected on QFX5110 in an EVPN-VXLAN environment

On QFX5110 device with EVPN-VXLAN scenario, the traffic might be dropped when the equal-cost multipath (ECMP) path is enabled with Type-5 routes in an overlay EVPN-VXLAN network

1381739

The l2ald might crash when issuing "clear ethernet-switching table persistent-learning"

On EX/QFX platforms, if the same mac-address is learned on different interfaces with different VLANs, the l2ald might crash when issuing "clear ethernet-switching table persistent-learning".

1382249

The rpd might crash on backup RE after switchover

If vrf-table-label is configured for VRF routing-instance, after executing GRES or ISSU, the label (VRF table) which is not be released may be reused by another VRF. This might cause an rpd core on backup RE.

1382531

Flows are getting exported before the expire of the configured active timeout value

The export of the Jflow records is seen at the collector before the expire of the configured active timeout value. This export result might not be the expected.

1383426

QFX10008 continuously shows "RPD_KRT_Q_RETRIES: list nexthop ADD: No such file or directory"

When reading back next hops from the kernel, the rpd could set an incorrect flag on the next hop, which could potentially affect next-hop installation for composite next hops.

1383623

DHCP packets may be dropped on a Junos Fusion Data Center scenario (QFX10000 series)

In a Junos Fusion Data Center scenario where Satellite Devices (SD) are dual-homed to Aggregation Devices (AD), if the DHCP relay is enabled for at least one IRB and both the DHCP server and clients are connected to ADs over native ports, the discover packets sent from clients which are not using DHCP-relay may be dropped on AD device.

1383693

Last reboot reason is not correct if device is rebooted because of power cycle

Last reboot reason is not correct if device is rebooted because of power cycle. Last reboot reason will be displayed as Vjunos reboot even if the device got rebooted due to power cycling.

1383706

Incorrect user privilege regarding "set vmhost" command

The users can still issue command "set vmhost..." although "permissions system-control" is not configured on system class.

1384440

BUM (Broadcast,Unknown Unicast and Multicast) traffic may get dropped on peer Fusion Aggregation Device when link between Satellite Device and local Aggregate Device goes down

BUM (Broadcast,Unknown Unicast and Multicast) traffic may get dropped on peer Fusion Aggregation Device when link between Satellite Device and local Aggregate Device goes down

1385380

The static route might persist even after its BFD session goes down.

On all Junos OS platforms with BFD for the static route configured, when the BFD session is brought down by changing the VLAN ID of the local interfaces, the static route might persist in the routing table.

1385902

The device with more than 5 IP addresses configured in the dhcp server-group goes into amnesiac mode after reboot

If the knob "commit fast-synchronize" is enabled, the device with more than 5 IP addresses configured in the dhcp server-group might go into amnesiac mode after reboot. But in practice it should not allow more than 5 IP addresses based on the implementation, and this validation for "commit check" is skipped when fast-synchronize is configured.

1387063

BUM packets may get looped if EVPN multihoming interface flaps

On QFX5000 series platform with Ethernet VPN (EVPN) multihoming configured, the BUM (broadcast, unknown, and multicast) packets may get looped within one second if the interface facing to the access device flaps.

1387730

QFX5100/QFX5110/QFX5200/QFX5210 Virtual chassis could not be formed normally

On QFX5100/QFX5110/QFX5200/QFX5210-VC scenario with versions after 17.4R1, when forming the VC, the VCP port might not come up stably and flap with some CRC errors observed. And the Virtual Chassis might flap frequently and could not get form normally. Thus traffic drops might be seen on the VC High Gigabit ports.

1387737

Some SFBs might go down when one of the PSMs in the chassis generates a bad output voltage which is out-of-range

On MX2010/MX2020, some Switch Fabric Boards (SFBs) might go down due to one of the Power Supply Modules (PSMs) in the chassis generates a bad output voltage which is out-of-range.

1388454

The lsi binding for the IPv6 neighbor is missing.

On ACX, EX, MX, QFX and Virtual Chassis Fabric platform, if irb interface is configured under VPLS instance, after switchover the lsi binding for the IPv6 neighbor might be missing.

1389119

IGMPv3/MLD membership requests could not work normally

When IGMPv3/MLD is configured with ssm-map-policy, if an other/unrelated policy config is changed or a new policy is introduced via ephemeral Database commit, then the IGMPv3/MLD membership requests might not work normally.

1390016

The jnxFruState might show incorrect PIC state after replacing a MPC with another MPC having less PICs

MPC7E has only two PICs, and after MPC4E (which has 4 PICs) replacement with such card PICs 3 and 4 that were present in the system before will be reported as offline instead of not present if jnxFruState is polled.

1390367

Traffic destined to VRRP VIP gets dropped as filter is not updated to related ifl

On MX platform with enhanced-ip and VRRP configured, if remove/add a child link from AE bundles via "replace pattern" several times, traffic destined to VRRP VIP might be dropped.

1390541

Traffic being dropped when passing through MS-DPC to MPC

On MX series platform, when traffic passes through MS-DPC service card and then egresses the router through an AE interface on MPC, partial traffic loss might be seen due to a memory initializing issue.

1390740

An incorrect error message might be seen when Jflow sensors are configured with reporting rate less than 30 seconds.

On all TVP platforms for QFX devices (QFX10000, QFX5100, QFX5200 platforms), when Jflow sensors are configured with reporting rate less than 30 seconds, the error message was incorrect.

1391084

All the BGP sessions will flap after switchover

With GRES and NSR enabled, if executing switchover, all the BGP session might flap.

1391323

The dcd memory leak might be seen when committing configuration change on static route tag

After committing configuration change on static route tag (see below example), the memory consumed by device control daemon (dcd) might increase. The leak rate is slow (200KB for every commit with one tag change). [edit routing-instances TEST routing-options static route xx.xx.xx.xx/25] - tag 10; + tag 11;

1391928

The spd might crash when 'any-ip' is configured in the 'from' clause of the NAT rule with the static translation type

If dnat-44 / basic-nat66 / basic-nat44 / stateful-nat464 / stateful-nat64 / basic-nat-pt / napt-pt' is configured for translation-type of Network Address Translation (NAT) rule, the Service PIC Daemon (spd) might crash when 'any-ip' (such as any-ipv4 or any-ipv6) is configured in the 'from' clause (such as 'from destination-address' or 'from source-address') of the NAT rule. This is a unsupported configuration. The fix implements a constraint commit checking to detect the presence of 'any-ip' in the 'from' clause and return failure.

1391942

Continuous log messages get printed in ex4300 17.4 / MCSNOOPD ICCP Context./var/run/iccpd_control addr /var/run/iccpd_control: Connection refused

MCLAG feature is not supported on EX4300 platforms. So MCSNOOPD MCLAG related parameters has to be initialized only when the feature is supported. The fix has added Ex4300 platform check to disable snooping MCLAG feature flagging function

1392071

FPCs may restart after committing the changes to the extended port in a Junos Fusion Provider Edge (MX Series) scenario.

In a Junos Fusion Provider Edge (MX Series) scenario, all the FPCs may restart after committing the changes to the VLAN/encapsulation on the extended port if the parameter "per-interface-per-member-link ingress" is configured for sourced routing statistic by using the command "set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link ingress".

1392261

On ACX-Series platforms the 'forwarding-option dhcp-relay forward-only' knob stops working and the DHCP packets are dropped.

In the scenario where ACX platforms work as the DHCP-relay, if the knob 'forwarding-option dhcp-relay forward-only' is configured, the DHCP-relay process cannot work normally because the DHCP packets from the server are dropped. It might cause the DHCP client could not get the IP address and service failure.

1392704

The ppmd on RE may run with high CPU utilization after RE switchover

In the rare case, ppmd on RE might stay high cpu usage after RE master switch event. There will be no impact on this problem.

1392792

High rpd CPU utilization on the backup RE might be observed in MVPN+NSR scenario

Under extreme case, Routing process under Backup Routing Engine might be under high utilization upon route updates.

1393716

JUNOS enhancement configuration knob to modify mcontrol watchdog timeout

Junos CLI enhancement to configure mastership refresh timeout value 9 to 30 via the chassis CLI command 'set chassis redundancy mastership-refresh-timeout'.

1393947

[ACX] MTU is not properly applied - and output of - ping mpls l2circuit sweep is giving lower values than expected

On ACX1x00/ACX2x00/ACX4x00 the MPLS MTU value is derived from the INET family MTU.

1394341

The dhcp-security binding table might not be updated due to the renew request with '0.0.0.0' value in 'ciaddr'

In DHCP security scenario, if the DHCP renew request packet is of the broadcast message and with '0.0.0.0' value in 'ciaddr' field, the DHCP security binding table might not be updated. That binding information is present till its lease time expiry. After lease time expiry the binding information got deleted, which might result in traffic drop of the DHCP client at the old lease expiration time.

1395534

Unable to install licenses automatically on QFX platforms

On QFX Series platforms, it is unable to update licenses automatically with "request system license update" command.

1396335

RLI- 38639 - L3VPN/ROSEN over PS over RLT . - In 18.4DCB after ifconfig down for PS interface IFL , its Link and Admin status are not going down as expected.

Fix works on 18.4-20181107.0 root@rpd-13-mx-2008-a-gnf-c> show version Hostname: rpd-13-mx-2008-a-gnf-c Model: mx2008 Junos: 18.4-20181107.0 root@rpd-13-mx-2008-a-gnf-c:~ # ifconfig ps4343.0 DOWN root@rpd-13-mx-2008-a-gnf-c:~ # cli root@rpd-13-mx-2008-a-gnf-c> show interfaces terse ps4343.0 Interface Admin Link Proto Local Remote ps4343.0 down up ccc root@rpd-13-mx-2008-a-gnf-c> quit root@rpd-13-mx-2008-a-gnf-c:~ # ifconfig ps4343.0 UP root@rpd-13-mx-2008-a-gnf-c:~ # cli root@rpd-13-mx-2008-a-gnf-c> show interfaces terse ps4343.0 Interface Admin Link Proto Local Remote ps4343.0 up up ccc

1396422

On EX2300 MAC table is not populated after interface-mode change

On EX2300 platform, when interface-mode of a port with VoIP option enabled is changed from Access to Trunk and reverted back to Access, the Ethernet switching table might not be populated.

1396772

Adding IRB to bridge-domain with PS interface causes kernel crash

IRB (Integrated Routing and Bridging) is not supported for PS (Pseudowire Subscriber) interface. When a PS interface along with IRB in the same bridge-domain is committed, kernel might crash and reboot continuously. The fix of this PR adds commit check to prevent adding IRB to bridge-domain with PS interface.

1396915

VNI not updated on default route 0.0.0.0/0 advertised by EVPN type 5 prefix when local configuration changed

Attributes like VNI are not updated on the default route 0.0.0.0/0 advertised by an EVPN type 5 prefix when the local configuration is changed.

1397018

The rpd process might keep crashing repeatedly if the LSP destination address is set to be 0.0.0.0

On all Junos platforms, if the Label Switched Path (LSP) destination address is set to be 0.0.0.0 under the protocol Multiprotocol Label Switching (MPLS), the rpd process might keep crashing repeatedly and won't recover due to this issue.

1397205

QFX5110,QFX5200: EVPN-VXLAN NON-COLLAPSED: dcfpe core seen at brcm_pkt_tx_flush, l2alm_mac_ip_timer_handle_expiry_event_loc, after random event.

On QFX5110 and QFX5200 switches, the non-collapsed EVPN-VXLAN dcfpe core file is seen at "brcm_pkt_tx_flush, l2alm_mac_ip_timer_handle_expiry_event_loc, after random event".

1397210

40G/100G ports may take a long time(about 30s) to link up on SRX4600 platform.

SRX4600 platforms with 40/100 Gigabit QSFP ethernet ports link up time take long time(about 30s) after multiple times link down/up.

1397925

IPv6 link-local address for virtual-gateway address is marked as duplicate in EVPN

In EVPN A-A mode, if the same link-local IPv6 address is configured on both IRB interfaces on the two PEs, DAD will mark one of the IRB interfaces as the duplicate.

1397992

Extended Port (EP) LAG may go down on the Satellite Devices (SDs) if the related Cascade Port (CP) links to an Aggregation Device (AD) goes down

In a Junos Fusion Data Center if one Aggregation Device (AD) is isolated by disabling Inter Chassis Link (ICL) and all cascade ports (Link between AD and SD) and later if only ICL is reenabled on the AD then EP-LAG LACP will go down.This issue will not be seen if ICL is up and only AD-SD links go down.

1398251

TPI-57374:EVPN-VxLAN: DCPFE cored _bcm_field_td_counter_last_hw_val_update after upgrading spine with latest image.

Issue - A deadlock situation between pfeman thread and broadcom's linkscan thread causes watchdog trigger and results it dcpfe coring. Trigger - No specific trigger as such. Issue occurs sometimes in during the port init stage. Effect - dcpfe cores

1398301

"MIC Error code: 0x1b0002" alarm might not be cleared for MIC on MPC6 when the voltage has returned to normal

The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC6.

1398349

QFX5110 - Fan LED turns Amber randomly

On QFX5110, multiple FANs would be Solid Amber state though there is no hardware failure.

1398458

Downstream interface is not removed from multicast route after getting PIM prune.

In NG-MVPN scenario where source and receivers are on the same PE but different routing-instances, if PIM prune (*, g) is received on a downstream interface, Type 7 route might not get updated accordingly, resulting in the interface remaining in multicast route. Thus unwanted multicast traffic keeps being forwarded to that interface.

1398685

The rpd soft core might be seen when L2VPN is used

RPD provides a mechanism to validate that route selection has successfully been done. When errors in route selection are detected, a soft core is dropped: RPD remains running, a single core file is dropped, it is rate limited to not do this frequently. When running L2VPN, BGP MED selection may be inappropriately run on the routes. As a result, the route selection sanity code will notice an unexpected result and leave a soft core.

1398967

The transportd might consume 100% CPU for a prolonged period

There might be memory leak on tarnsportd when bulk SNMP polling are on large-scale IFLs and large number of traps are created due to interface flapping etc. The memory leak could cause the transportd consuming high CPU for a prolonged period.

1399067

Dhcpv6 relay doesn't work in QFX5100 when clients are connected to an aggregate switch.

When we have Lightweight DHCPv6 Relay Agent (LDRA) before relay, we expect the packets to reach relay with UDP Src & Dst Ports both as 547. Our existing implementation has dynamic filters to accept DHCPv6 packets with 546 & 547 and with 547 & 546 as Src & Dst ports but not with 547/547. Because of this, the DHCPv6 packets are being treated as Unknown IPv6 multicast packets and are going to Q28.

1399369

CPU hog may be observed on PTX/QFX10000 Series platform

On PTX/QFX10000 series platform, CPU hog on PFC may be observed if the adaptive feature is enabled to load-balance for an AE interface.

1399457

Unexpectedly high packet loss might be observed after an uplink failure when the MoFRR feature is used in a scaled environment.

When the MoFRR feature is used in a scaled environment (in terms of number of routes and NHs), the actual convergence of multicast traffic might reach hundreds of milliseconds due to sub-optimal handling of MoFRR forwarding states on the PFE level.

1399733

QFX5100 - VXLAN - Traffic is queued in the wrong queue when interface configuration is changed from a layer 2 with VXLAN configured on the VLAN to a family inet configuration

On QFX5100, traffic initiated from a server connected to an interface will be dropped at the interface on the switch if the interface was configured with family ethernet-switching with VXLAN and the configuration is changed to family inet.

1399878

SFP-LX10 does not work on QFX5110

On QFX5110 platforms, from Junos 17.3 onwards, the interfaces with SFP-LX10 transceivers and auto-negotiation enabled(default configuration) might be down.

1400606

Frequent "Unable to set DA MAC Filter for LLDP" log messages.

On JUNOS QFX/ACX5K, on the interfaces where lldp is already disabled (commit) and there is any change on any interface in the next commit, l2cpd sends the msg to disable lldp on the all the interfaces to kernel and kernel tries to remove the implicit filters, which return ENOENT, since entries were already disabled during the first commit. The following messages are harmless to the system.

1400825

The "link-down" action of "low-light" feature needs to be enhanced.

Once the low-light condition has been reached on a link, instead of bringing the transmitter (laser) down, the PCS will be reset. This will trigger REMOTE-FAULT alarm on the remote side of the link.

1400838

EX4300 might drop incoming ISIS hello packets when IGMP or MLD snooping is configured.

On EX4300 platform, when IGMP or MLD snooping is enabled, and ESIS/ISIS packets with below destination multicast mac-address are received, ESIS/ISIS packets are not flooded. It would cause ISIS adjacency establish failure. The MAC-level point-to-point addresses are: 09-00-2B-00-00-04 (AllEndSystems) 09-00-2B-00-00-05 (AllIntermediateSystems)

1401148

The Framed-Route beyond the first may not be installed in a DHCP subscriber management environment

In a DHCP subscriber management environment, the framed route beyond the first may not be installed to a subscriber session if receiving it from the radius which has more than one Framed-Route.

1401249

The authd might crash when issuing "show network-access requests pending" command during the authd restarting

The authd might crash when issuing "show network-access requests pending" command during the authd restarting.

1401669

RPD core upon RE switchover with scaled EVPN configuration.

on MX or QFX10k with dual RE/NSR enabled and a scaled EVPN configuration, RPD could core upon RE switchover due to a bug that corrupts the EVPN instance tree. Not seen with limited or few EVPN instances.

1401709

adt7470_set_pwm message is continuously outputting after upgrade to 18.1R3.3.

adt7470_set_pwm message is continuously outputting after upgrade to 18.1R3.3

1401839

Dual stacked DHCPv6-PD client connection terminated after commit when RADIUS address assignment is not defined within the range of a local pool

Dual stacked DHCPv6-PD client connection terminated after commit when RADIUS address assignment is not defined within the range of a local pool. At the time of some configuration commit the authd process is checking address-assignments, client connection is terminated suspecting that the address-assignment range had changed when IPv6-PD address does not match range of local pool.

1402122

Certain otn-options cause interface flapping during commit.

With following configuration present, the interface flaps after a commit where an AE interface is being added. set interfaces otn-options trigger oc-tsf hold-time up <> down <> set interfaces otn-options trigger odu-bei hold-time up <> down <>

1402255

BGP router on the same broadcast subnet with its neighbors might cause IPv6 routing issue on the neighbor from other vendors

RFC 2545 has limitation on third party next-hops where the next hop is propagated unchanged. Due to this limitation, Border Gateway Protocol (BGP) router attaches its own IPv6 link local address in the next hop and advertise the route to its BGP neighbor. This could introduce the routing issue on the BGP neighbor from other vendor (e.g. Cisco) and put the BGP router itself in the traffic path unexpectedly. This issue will not be seen on Juniper devices because IPv6 link local address is not selected as next hop.

1402377

Syslog error messages: [LOG: Err] COS_HALP(cos_halp_get_fabric_stats_per_pfe:3211): pfe_id 0 cchip 0[LOG: Err] COS_HALP(cos_halp_get_fabric_stats_per_pfe:3272): No PFE found for pfe_id_start 0.

On a MX204, when any command under 'show class-of-service fabric <>' hierarchy is executed, you will see "COS_HALP(cos_halp_get_fabric_stats_per_pfe:3211): pfe_id 0 cchip 0" error messages. Since the MX204 is fabric less platform, the COS fabric CLI commands are not available. The error messages have no side effects.

1402382

MPLS LSP traffic loss might be seen under rare conditions if CSPF is enabled

When make-before-break (MBB) new instance signaling experiences error and before retry is finished, other triggers such as auto bandwidth adjustment timer expiration have to be blocked until MBB finishes. Once the MBB finishes instance switching, blocked trigger needs to be scheduled, but should only be triggered after optimize-adaptive-teardown timer expires. In the affected releases, the blocked trigger is scheduled immediately after instance switching without taking optimize-adaptive-teardown timer into account, it causes old instance to be torn down before whole system finishes changing routes using the new instance, this leads to traffic loss.

1402390

In JUNOS Logical System, configuration of "chained-composite-next-hop ingress l3vpn extended-space" failed to commit after upgrading to 17.2/later releases

After upgrading JUNOS to 17.2 or later releases, the knob "chained-composite-next-hop ingress l3vpn extended-space" cannot be configured any longer on a Logical system.

1402450

The ICMPv6 packet with embedded IPv6 fragment might not be translated correctly to IPv4 ICMP packet in a NAT64 with MS-DPC deployment

On MX-Series platforms with MS-DPC deployed for NAT64, the translation for IPv6 packet to IPv4 packet might not be translated correctly when a node in IPv6 network sends an ICMPv6 Packet Too Big (PTB) message with an embedded ipv6 fragment towards a node in IPv4 network. This results in Path MTU discovery failure.

1402484

Some error logs might be seen on FPC when reading attempt from Uninitialized memory location

On all MX platforms that support enhanced subscriber management (Next Generation Subscriber Management) with L2TP subscriber scenario, when a packet arrives with size higher than LNS (L2TP network server) IFL (Logical interface) MTU and 'Do-not fragment' bit is set, because the micro kernel generates ICMP error messages and increment 'out-mtu-errors' in IFD (Pysical interface) stream counter, and then the OIF (Outgoing interface) index is wrongly programmed in LNS IFL output feature list. So some error logs would be seen when reading attempt from Uninitialized memory location. This only impacts the traffic from Core to LNS subscriber on PFE which needs to generate ICMP error message like MTU exceeded. It would not impact normal transit traffic.

1402563

FPC might crash after offline/online MIC-3D-16CHE1-T1-CE-H.

On MX and ACX platforms, after offline and then online MIC-3D-16CHE1-T1-CE-H card, the related FPC might crash.

1402643

Unexpected termination of the CLI session during image installation

With the initiation of image installation on Base System of a setup with node slicing enabled, session gets terminated unexpectedly

1402834

Host outbound traffic might be dropped on MPC7/8/9

On MX platforms with enhanced subscriber management enabled, if the Junos release is 18.2X75-D10, 17.4R2, 18.1R2 and onwards, in which turbo TX is supported and enabled, when "class-of-service host-outbound-traffic" is configured, host outbound traffic (e.g. ARP, ISIS, OSPF, etc.) might be dropped on MPC7/8/9.

1402852

On newer QFX5K switches, file permissions are changed for /var/db/scripts files after reboot. This can impact scripts running on the box..

On newer QFX5K switches, file permissions are changed for /var/db/scripts files after reboot. This can impact scripts running on the box.

1403071

Log message "JAM HW data base open failed for ptx5kpic_3x400ge-cfp8" during commit.

The following log messages might be seen during configuration commit on PTX series routers with FPC type 3: chassisd[84247]: jam_core_hwdb_open: JAM HW data base open failed for ptx5kpic_3x400ge-cfp8 chassisd[84247]: JAM: jam_pic_plugin_init =1 - fail 4 chassisd[84247]: JAM: Failure Exit jam_pic_plugin_initd chassisd[84247]: jam_plugin_init: JAM:PL: jam_pic_plugin_init failed The messages are cosmetic and can be ignored.

1403147

The cosd might crash during commit via netconf.

The cosd might crash during commit via netconf if excess-priority is configured. It is a timing issue.

1403338

The STP does not work when aggregated interfaces number is "ae1000" or above in QFX5000 and "ae480" or above in other QFXs / EX

In aggregated interfaces and STP (Spanning Tree Protocol) scenario, the STP does not work when the aggregated interfaces number is "ae1000" or above in QFX5000 and "ae480" or above in other QFXs / EX. Such interfaces will remain in incorrect STP discarding state and won't forward packets.

1403480

Smg-service can become unresponsive

Issuing the cli show command "show services soft-gre tunnel" and then changing configuration of the router can make smg-service unresponsive, eg regress@leonis> show system subscriber-management statistics error: timeout communicating with smg-service daemon

1403835

JSRC used Radius Service accounting protocol instead of JSRC for SRC installed service

JSRC provisioned service used Radius Service accounting protocol instead of JSRC for SRC installed service

1404002

The time synchronization through PTPoE might not work when Enhanced Subscriber Management is enabled on MX

When Enhanced Subscriber Management is enabled on MX (i.e. set system services subscriber-management enable), the Precision Time Protocol (PTP) with PTP-over-Ethernet (PTPoE) configuration might not work on MPC2E-NG/3E-NG or MPC5E and above (such as MPC6E/7E/8E/9E/10E/11E).

1404134

RPD RT_NEXTHOPS_TEMPLATE memory leaks when using Segment Routing for ISIS protocols

Using Segment Routing for ISIS protocols may result in memory leaks within the Routing Protocol Daemon (RPD). This may result in the RPD restart unexpectedly.

1404351

The rpd crash due to memory corruption in EVPN

In Ethernet VPN (EVPN) active/active multi-homing scenario with MPLS encapsulation, toggling of multi-homed interface might cause memory corruption leading to rpd crash.

1404358

repd continue core on VC-Bm when there are too many IPv6 address on one session (hit PR1384889).

When the box hit PR 1384889, There will be multi IPv6 address on one session, On this scenario, It is possible to have repd continuous core when replicate SDB from VC-Mm to VC-Bm. When this issue happens below log can be observed: Dec 26 05:27:54.404 mxvc-r019-r026 repd[20605]: %DAEMON-3: sdb_db_store_sts_in_lts Flush STS->LTS Failed return -2 Dec 26 05:27:54.803 mxvc-r019-r026 repd[20605]: %DAEMON-3: sdb_db_store_sts_in_lts Flush STS->LTS Failed return -2 Dec 26 05:27:56.254 mxvc-r019-r026 repd[20605]: %DAEMON-3: sdb_db_store_sts_in_lts Flush STS->LTS Failed return -2 Dec 26 05:27:56.304 mxvc-r019-r026 repd[20605]: %DAEMON-3: sdb_db_store_sts_in_lts Flush STS->LTS Failed return -2

1404611

PTX3000: FPCs are not able to come online for tens of minutes after a reboot of the chassis

On PTX3000 platform with several FPCs (e.g, around 8), after reloading the chassis, FPCs might not be able to come online for tens of minutes.

1404822

The VRRP VIP might not work when it is configured on the LAG interface

The VRRP (Virtual Router Redundancy Protocol) VIP (Virtual IP) might not work when it is configured on the LAG (Link Aggregation Group) interface. It is only working when the LAG member interfaces are on the ASIC 0 of the FPC. The issue results in losing traffic to the VIP.

1404895

ARP/ND will not be resolved in case of native VLAN ID configured for LAG access interface

When native VLAN ID is configured for LAG access interface for L2 gateway case, ARP/ND will not be resolved and hence traffic will be dropped for that VLAN. No issue with native VLAN ID configured on normal xe / et interfaces (without LAG).

1405055

The subscriber may not access the device due to the conflicted assigned address

In a subscriber management environment, the subscriber (say, subscriber A) may not access the device (A can get IP address x.x.x.x but then the connection will be terminated), because the address x.x.x.x is previously assigned to another subscriber B and then re-assigned to A before confirming whether the respective access route for address x.x.x.x is removed.

1405271

EX-SFP-1FE-LX SFP does not work on MIC-3D-20GE-SFP-E

On MX Series platforms, EX-SFP-1FE-LX SFP does not initialize with MIC-3D-20GE-SFP-E(EH).

1405318

Config load override or load replace resets ANCP neighbours

In ANCP (Access Node Control Protocol) scenario, if executing configuration load override or replace, after the commit operation, All ANCP neighbour sessions might be restarted, even though without any ANCP configuration change.

1405399

100G SR4 Optics with part number 740-061405 should be displayed as "QSFP-100G-SR4-T2".

This fix helps to distinguish between the optics with P/Ns 740-058734 (displayed as QSFP-100GBASE-SR4) and 740-061405 (will be displayed as QSFP-100G-SR4-T2).

1405681

The rpd might crash on a leaf node when handling the withdrawal of remote or local MAC address in an EVPN-VXLAN scenario

On all Junos OS platforms that are running Ethernet VPN (EVPN) with Virtual Extensible LAN (VXLAN) on the device, when handling the withdrawal of remote or local MAC address, it may cause stack corruption and may subsequently result in rpd crash on the leaf node.

1405820

The IPv6 NS/NA packets received over VTEP from an ESI host are wrongly flooded back to the host

In EVPN-VXLAN (Ethernet VPN - Virtual Extensible LAN) ESI (Ethernet Segment Identifier) multihomed scenario, the unicast IPv6 NS/NA (Neighbor Solicitation/Neighbor Advertisement) packets received over VTEP (Virtual Tunnel Endpoints) from an ESI host are wrongly flooded back to the ESI host. The issue might cause loop and result in packet loss.

1405882

NAT64 translation issues of ICMPv6 Packet Too Big message with MS-MPC/MS-PIC

On MX series with MS-MPC/MS-PIC, in NAT64 scenario, if ICMPv6 Packet Too Big message is required to be translated, the translated ICMPv4 Destination Unreachable packet is incorrect. L4 destination port under embedded IPv4 address is not translated, IPv4 Identification field doesn't copy from IPv6, header checksum in IPv4 under ICMPv4 is wrong.

1405903

when non-root user tries to archive the var/log some files missing if there is cscript.log file exists

When there are any scripts running on the router cscript.log will be created.It is found that the permission are set wrongly hence when any non root user tries to archive the /var/log along with cscript some other files in /var/log went missing in the archived file. so when we untar the file less files are found. This issue is not seen when root user does the archive. With the fix of the PR non root user would be able to archive the files.

1406030

Fabric performance drop on MPC7/8/9E and SFB2 based MX2000 platform

On MPC7/8/9E and SFB2 based MX2000 Series platforms, code change done by PR 1336446 fixing MPC7/8/9E fabric re-ordering issue with SFB causes fabric performance drop. The throughput might not reach the expected value in high volume traffic scenario.

1406165

The cfmd might fail to start after it is restarted

If connectivity fault management (CFM) is enabled with the name-format for maintenance-domain set to 'none' and iterator configuration, and the sum of the length of maintenance-domain name and maintenance-association name exceeds the maximum allowed size (i.e. 44 octets), the initial configuration commit would be passed and CFM is working. But once the cfmd is restarted, the cfmd process cannot start with coredump file generated.

1406179

The stale si- IFL might be seen when L2TP subscribers with duplicated prefixes or framed-route login

If L2TP LNS uses inline service (si) interface and the routing service (such as framed-route) is configured in dynamic-profiles, when subscribers login with duplicated prefixes or framed-route, the LNS will reject the second subscriber due to route adding failure. But the si- IFL for the failure subscriber will be left in PFE as a stale IFL.

1406822

Traffic impact might be seen if auto-bandwidth is configured for RSVP LSPs

With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when timeout occurs during LSP statistics query, large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.

1406848

Abnormal Queue-depth counters in "show interface queue" output on interfaces which associated to XM2 and 3.

Due to the bug, MPC with 4 XM chips, such as MPC6E, while MIC1 is in use,which the interfaces associated to XM2 and 3, the Queue-depth counters in "show interface queue" output might be abnormal. Alternatively Maximum counters of Queue-depth are incorrect or even no any Queue-depth info. The issue is cosmetic of CLI output, the PFE sw and ASIC programming are fine.

1407200

Ipv6 drops due to "output trunk vlan lookup failed"

Packet drops are see when Ipv6 host located in the vxlan bridge instance, is trying to reach Ipv6 hosts on the Ip/MPS network, via the irb gateway.

1407408

The process rpd crash may be observed once a non-forwarding path is used for re-resolution

The process rpd may crash after a non-forwarding route (i.e., a route to an indirect next-hop association is non-forwarding indirect next-hop) which is received from multiple protocols is resolved again by using the non-forwarding path.

1407469

The l2cpd might crash if the VSTP traceoptions and VSTP VLAN all commands are configured.

On EX4300/EX4600/EX9200/QFX5000/QFX10000/QFX3500/QFX3600-Series platforms, the Layer2 Control Protocols process (l2cpd) might restart on a RE when both of the VSTP traceoptions and VSTP VLAN all commands are configured. This will cause the VSTP (STP, RSTP, MSTP, etc) to not working correctly.

1407923

continuous log message 'authd[18454]: %DAEMON-3-LI: liPollTimerExpired returned 0'

The log message 'authd[18454]: %DAEMON-3-LI: liPollTimerExpired returned 0' can be seen after any LI activity. The messages are cosmetic. The log was removed to hide LI activity.

1409403

L2ald process may core when a persistent mac addresses are cleared from the switching table

L2ald process may core when a persistent mac addresses are cleared from the switching table.

1409807

FPC core may occur during next hop change due to FPC reboot or interface flap when using MPLS inline-jflow

FPC core may occur during next hop change due to FPC reboot or interface flap when using MPLS inline-jflow

1409949

The FPC may crash and could not come up if interface-num or next-hop is set to maximum value under vxlan-routing on QFX platforms

On QFX 5100/5110/5120/5200/5210 platforms, when either of following configurations is present, the FPC may crash and could not come up even after reboot, the issue can be avoided by setting interface-num or next-hop to lesser values instead of maximum values. "set forwarding-options vxlan-routing interface-num 12288" or "set forwarding-options vxlan-routing next-hop 49152".

1410079

The aaa-options configuration knob for PPPoE subscribers does not work on the MX80 and MX104 platforms

On MX80/MX104 platform with PPPoE subscriber deployment scenario, when the different radius servers for various VLAN ranges assigned need to be specified with aaa-options, the aaa-options configuration knob that is specified to the access-profile in a dynamic-profile for PPPoE subscribers might not work correctly and cause the PPPoE sessions not to be established.

Modification History:
First publication 2019-02-15
Related Links: