18.1R3-S3: Software Release Notification for Junos Software Service Release version 18.1R3-S3

Article ID: TSB17526 TECHNICAL_BULLETINS Last Updated: 05 Mar 2020 Version: 2.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, SRX, VMX, VRR, VSRX, Network Agent
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as needed and follow the prompts
Solution:

18.1R3-S3 - List of Fixed issues

PR Number Synopsis Category: CP L3
1381739 The l2ald might crash when issuing "clear ethernet-switching table persistent-learning"
 
In Junos Fusion, if the same mac-address is learned on different interfaces with different VLANs, the l2ald might crash when issuing "clear ethernet-switching table persistent-learning".
PR Number Synopsis Category: xSTP
1407469 The l2cpd might crash if the VSTP traceoptions and VSTP VLAN all commands are configured.
 
On EX4300/EX4600/EX9200/QFX5000/QFX10000/QFX3500/QFX3600-Series platforms, the Layer2 Control Protocols process (l2cpd) might restart on an RE when both the VSTP traceoptions and VSTP VLAN all commands are configured. This will cause the VSTP (STP, RSTP, MSTP, etc) to not work correctly.
PR Number Synopsis Category: EX4300 Control Plane
1391942 Continuous log messages get printed on EX4300 after upgrading to 17.4 or above release
 
The MCLAG feature is not supported on EX4300 platforms, so MCSNOOPD MCLAG related parameters have to be initialized only when the feature is supported. The fix has added an EX4300 platform check to disable the snooping MCLAG feature flagging function.
PR Number Synopsis Category: EX4300 PFE
1376804 ECMP route installation failure with log messages like unilist install failure might be observed on EX4300 device
 
On EX4300 devices with two ECMP interfaces, if one interface link goes down/up over multiple iterations, stale ECMP entries might not be deleted and might still be seen in hardware due to the next-hop delete failure and unilist install failure.
PR Number Synopsis Category: EX4300 Platform
1376750 EX4300 / upgrade fails during validation of slax script while upgrade
 
While upgrading the EX4300 chassis, on certain JUNOS releases the upgrade might fail during validation. This is seen in the presence of an event script on the chassis. This issue was happening as a result of an incorrect symbolic link in the function which gets triggered while attempting an upgrade in the presence of a script. This has been fixed through upcoming JUNOS.
PR Number Synopsis Category: EX9200 PFE
1403358 Configuring mac-table-aging-time triggered mac deleted
 
Configuring mac-table-aging-time was causing BridgeDomain sequence to get incremented unnecessarily. This resulted in all MACs getting flushed when the change message was received by l2-learning daemon with new sequence number.
PR Number Synopsis Category: EX2300/3400 PFE
1396422 On EX2300 MAC table is not populated after interface-mode change
 
On EX2300 platform, when interface-mode of a port with VoIP option enabled is changed from Access to Trunk and reverted back to Access, the Ethernet switching table might not be populated.
PR Number Synopsis Category: EX2300/3400 platform
1397051 Make unlink option default for EX2300 and EX3400
 
EX2300 and EX3400 may not have enough space to unpack and install the new Junos. The unlink knob, when added manually to "request system software add", can overcome this issue, but after the modification added by this fix it will be the default behaviour of the request system software add command for EX2300 and EX3400.
1401709 adt7470_set_pwm message is continuously outputting after upgrade to 18.1R3.3.
 
adt7470_set_pwm message is continuously outputting after upgrade to 18.1R3.3
1406934 No chassis/system alarm and syslog for power-failure
 
No chassis/system alarm and syslog for power-failure on EX2300 and EX3400 chassis. Issue originally reported in 18.1R3.3
PR Number Synopsis Category: HW Board, FPGA, CPLD issues
1387730 QFX5100/QFX5110/QFX5200/QFX5210 Virtual chassis could not be formed normally
 
In a QFX5100/QFX5110/QFX5200/QFX5210-VC scenario with versions after 17.4R1, when forming the VC, the VCP port might not come up stably and might flap with some CRC errors observed. The Virtual Chassis might flap frequently and might not form normally. Thus traffic drops might be seen on the VC High Gigabit ports.
PR Number Synopsis Category: QFX L2 Protocols Control Plane related
1401215 DCPFE crash @ expr_l2_common_bd_ifbd_attach()
 
A QFX10000's FPC may restart if an operator configures VXLAN's VNI 0 identifier.
PR Number Synopsis Category: DHCP related Issues
1399067 The DHCPv6 relay packets are dropped when both the UDP source and destination ports are 547
 
In a DHCPv6 (Dynamic Host Configuration Protocol version 6) relay scenario when QFX5000 works as the DHCPv6 relay agent, if DHCPv6 packets whose UDP (User Datagram Protocol) source and destination ports are both 547 are received, they are dropped and not forwarded to the DHCPv6 server. The issue results in the DHCPv6 process failure.
PR Number Synopsis Category: QFX PFE L2
1398251 On QFX5K platforms, the DCPFE process might core-dump on interface specific events
 
On QFX5K platforms, the DCPFE process might core-dump on interface specific events due to a deadlock situation between the pfeman thread and the linkscan thread that causes the watchdog event to trigger.
1400606 Frequent "Unable to set DA MAC Filter for LLDP" log messages.
 
On JUNOS QFX/ACX5K, on the interfaces where LLDP is already disabled (committed), if there is any change on any interface in the next commit, l2cpd sends the message to disable LLDP on all the interfaces to the kernel, and the kernel tries to remove the implicit filters, which returns ENOENT, since the entries were already disabled during the first commit. The following messages are harmless to the system.
1405820 The IPv6 NS/NA packets received over VTEP from an ESI host are wrongly flooded back to the host
 
In an EVPN-VXLAN (Ethernet VPN - Virtual Extensible LAN) ESI (Ethernet Segment Identifier) multihomed scenario, the unicast IPv6 NS/NA (Neighbor Solicitation/Neighbor Advertisement) packets received over VTEP (Virtual Tunnel Endpoints) from an ESI host are wrongly flooded back to the ESI host. The issue might cause a loop and result in packet loss.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1367584 When VRF fallback is enabled, running "show pfe route ip hw lpm" may crash the switch
 
When VRF fallback is enabled, running "show pfe route ip hw lpm" may crash the switch
1387063 BUM packets may get looped if EVPN multihoming interface flaps
 
On QFX5000 series platform with Ethernet VPN (EVPN) multihoming configured, the BUM (broadcast, unknown, and multicast) packets may get looped within one second if the interface facing to the access device flaps.
1397205 The dcpfe might crash on QFX5K series platforms
 
On QFX5K series platforms, in an EVPN-VXLAN scenario, the dcpfe might crash after a random event.
1408428 The FPC/dcpfe process may crash due to interface flap
 
On QFX5200/QFX5110 platform or Junos on White Box (AS7816), interface flap may cause FPC watchdog timeout which then further triggers the FPC/dcpfe crash, as a result, traffic impact may be observed at that time.
PR Number Synopsis Category: ACX Interfaces IFD, IFL, vlans, and BRCM init
1392261 On ACX-Series platforms the 'forwarding-option dhcp-relay forward-only' knob stops working and the DHCP packets are dropped.
 
In the scenario where ACX platforms work as the DHCP relay, if the knob 'forwarding-option dhcp-relay forward-only' is configured, the DHCP-relay process cannot work normally because the DHCP packets from the server are dropped. As a result, the DHCP client might not get an IP address, causing service failure.
1393947 [ACX] MTU is not properly applied - and output of - ping mpls l2circuit sweep is giving lower values than expected
 
On ACX1x00/ACX2x00/ACX4x00 the MPLS MTU value is derived from the INET family MTU.
PR Number Synopsis Category: ACX L3 IPv4, IPv6 support
1365034 ACX5k: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed) Reason : Invalid parameter after configuring lpm-profile.
 
In ACX5000, some next-hop routes are not installed properly, reporting the message "Failed to h/w update ip uc route entry". In LPM mode, for the default route, if the route changes from ecmp to non-ecmp HOLD nexthop, the PFE gets into a corrupted ecmp nexthop. We fixed the NH index issue and some issues related to handling ipv4 vs ipv6 default routes for LPM.
PR Number Synopsis Category: "agentd" software daemon
1390740 An incorrect error message might be seen when Jflow sensors are configured with reporting rate less than 30 seconds.
 
On all TVP platforms for QFX devices (QFX10000, QFX5100, QFX5200 platforms), when Jflow sensors are configured with reporting rate less than 30 seconds, the error message was incorrect.
1394927 WITHDRAWN: Junos OS: gRPC hardcoded credentials may allow unauthorized access to systems with Junos Network Agent installed (REJECTED)
 
NO RISK. CVE REJECTED. 04-11-2019: Further investigation has determined that this issue has no impact. While the credentials exist in affected releases there is no way to exploit this issue, and even if the issue were exploitable, there would be no impact. Refer to https://kb.juniper.net/JSA10923 for more information.
PR Number Synopsis Category: access node control protocol daemon
1405318 Configuration load override or load replace resets ANCP neighbors.
 
In an ANCP (Access Node Control Protocol) scenario, if a configuration load override or replace is executed, all ANCP neighbour sessions might be restarted after the commit operation, even without any ANCP configuration change.
PR Number Synopsis Category: MX Layer 2 Forwarding Module
1377749 In EVPN A-A scenario with an MX Series or EX Series device acting as a PE device, flood next hops to handle BUM traffic may not get created or miss certain branches when the configuration is performed in a particular sequence.
 
In EVPN A-A scenario with MX or EX acting as PE device, flood NHs to handle BUM traffic may not get created or miss certain branches when the configuration is performed in a particular sequence
1388454 The LSI binding for the IPv6 neighbor is missing.
 
On ACX, EX, MX, QFX and Virtual Chassis Fabric platform, if irb interface is configured under VPLS instance, after switchover the lsi binding for the IPv6 neighbor might be missing.
PR Number Synopsis Category: Control Plane and Infrastructure for the B-54 program
1369646 error: peer_daemon: bad daemon: scpd on EX9251 running 18.1R1 and 18.1R2
 
The scpd process is not running in EX9251. So, the CLI throws an error while trying to fetch details from the process scpd in recent releases.
1409403 The l2ald might crash if issuing "clear ethernet-switching table persistent-learning" command
 
In Junos Fusion scenario, if the same mac-address is learned across two VLANs on the same interface, the l2ald process might crash after issuing the command "clear ethernet-switching table persistent-learning interface id" to clean the persistent mac-addresses from the switching table.
PR Number Synopsis Category: Junos Fusion Infrastructure
1374982 New satellite device can not be added to the Fusion scenario
 
In Junos Fusion Enterprise scenario, Junos Fusion is not able to add new satellite devices when MC-LAG is configured on EX platform.
PR Number Synopsis Category: BBE database related issues
1404358 repd continue core on VC-Bm when there are too many IPv6 address on one session (hit PR1384889)
 
When the box hits PR1384889, there will be multiple IPv6 addresses on one session. In this scenario, it is possible for the "repd" process to save its core continuously when replicating SDB from VC-Mm to VC-Bm.
PR Number Synopsis Category: BBE interface related issues
1403480 Smg-service could become unresponsive when doing some GRE-related CLI operations.
 
On BNG (Broadband Network Gateway) or subscriber scenario, when doing GRE related CLI operations and config commit, smg-service could become unresponsive and the bbe-smgd core might happen. The effect detail depends on if there is a crash and what is happening during a crash. Generally it would not cause a crash, but if the resulting concurrent access occurs, it might lead to a crash, thus the bbe-smgd would restart and restore state. In the meantime the service might be affected but it would be temporary.
PR Number Synopsis Category: Border Gateway Protocol
1237006 BGP might not advertise routes on the existing BGP peer after adding Layer 3 VPN instance
 
If rib-group is configured under BGP, BGP might not advertise routes on the existing BGP peer after adding Layer 3 VPN instance. The "show bgp neighbor" shows that the neighbor state is stuck in "Send state: not advertising".
1391084 Race condition causes all the BGP sessions to flap after NSR switchover
 
With GRES and NSR enabled, if a switchover is executed, in very rare cases, all the BGP sessions might flap because of a race condition.
1398685 The rpd soft core files and inappropriate route selection might be seen when Layer 2 VPN is used
 
The rpd provides a mechanism to validate that route selection has successfully been done. When errors in route selection are detected, a soft core is dropped: the rpd remains running, a single core file is dropped, it is rate limited to not do this frequently. When running L2VPN, BGP MED selection may be inappropriately run on the routes. As a result, a soft core is created, and features that rely on skipping such routes such as BGP add-paths, may advertise an alternate path that is inappropriate.
1400838 EX4300 might drop incoming ISIS hello packets when IGMP or MLD snooping is configured.
 
On the EX4300 platform, when IGMP or MLD snooping is enabled and ESIS/ISIS packets with the destination multicast MAC addresses below are received, the ESIS/ISIS packets are not flooded. This would cause ISIS adjacency establishment failure. The MAC-level point-to-point addresses are: 09-00-2B-00-00-04 (AllEndSystems) and 09-00-2B-00-00-05 (AllIntermediateSystems).
1402255 On the multi-access/broadcast network, third party BGP router might unexpectedly select RR router as next-hop to forward the IPv6 traffic.
 
RFC 2545 has a limitation on third party next-hops where the next hop is propagated unchanged. Due to this limitation, BGP inet6 Route-Reflector router attaches the BGP neighbor's IPv6 global address and its own IPv6 link-local address as the next-hops while advertising the route to another BGP neighbor. This could introduce the forwarding issue on the BGP neighbor from other vendors if their device picks up the link-local address as next-hop. This would put the BGP RR router in the traffic forwarding path unexpectedly. This issue will not be seen on Juniper devices because IPv6 link-local address would not be selected as prefix's next hop.
PR Number Synopsis Category: BBE Remote Access Server
1401839 The DHCPv6-PD client connection might be terminated after commit when RADIUS assigned address is not defined within the range of a local pool
 
A dual-stacked DHCPv6-PD (Prefix Delegation) client connection might be terminated after commit when the address assigned by RADIUS is not defined within the range of a local pool. The reason is that when doing the configuration commit the authd (Authentication Service Daemon) process checks address-assignments, and the address-assignment range has changed when the IPv6-PD address does not match the range of the local pool. This might cause the client connection to be terminated.
1403835 JSRC used Radius Service accounting protocol instead of JSRC for SRC installed service
 
JSRC provisioned service used Radius Service accounting protocol instead of JSRC for SRC installed service
1407923 Some continuous log messages could be seen
 
The log message 'authd[18454]: %DAEMON-3-LI: liPollTimerExpired returned 0' can be seen after any LI activity. The messages are cosmetic.
PR Number Synopsis Category: MX Platform SW - FRU Management
1390016 The jnxFruState might show incorrect PIC state after replacing an MPC with another MPC having less PICs
 
After replacing an MPC with another MPC having fewer PICs (for example, replacing an MPC4E, which has 4 PICs, with an MPC7E, which has only two PICs), PICs 3 and 4 that were present in the system before will be reported as offline instead of not present if jnxFruState is polled.
PR Number Synopsis Category: MX Platform SW - Power Management
1387737 Some SFBs might go down when one of the PSMs in the chassis generates a bad output voltage which is out-of-range
 
On MX2010/MX2020, some Switch Fabric Boards (SFBs) might go down because one of the Power Supply Modules (PSMs) in the chassis generates a bad output voltage which is out-of-range.
PR Number Synopsis Category: PTX Chassis Manager
1405430 No chassis alarm is raised on PTX1000 when PEM is removed or power lost to PEM
 
When a PEM is removed or loses power on a PTX1000 in susceptible code versions, no chassis alarm is raised.
PR Number Synopsis Category: MX Platform SW - UI management
1376612 The "Power Supply failed" trap might not be generated on MX platform
 
SNMP Traps for a failed power supply (PEM / PSU) may not be generated nor sent.
PR Number Synopsis Category: PRs related to channelized E1/T1 mic
1402563 FPC might crash after offline/online MIC-3D-16CHE1-T1-CE-H.
 
On MX and ACX platforms, after offline and then online MIC-3D-16CHE1-T1-CE-H card, the related FPC might crash.
PR Number Synopsis Category: Class of Service
1403147 The cosd process might crash during committing configuration change through NETCONF.
 
If excess-priority is configured, the cosd process might crash during committing configuration change which includes assigning CoS profile on any logical interface via netconf.
PR Number Synopsis Category: CFM
1367588 OAM Ethernet connectivity-fault-management configured on ae interfaces is not supported but no commit error
 
OAM Ethernet connectivity-fault-management configured on ae interfaces is not supported but there is no commit error pop up.
PR Number Synopsis Category: L2NG Access Security feature
1394341 The dhcp-security binding table might not be updated due to the renew request with '0.0.0.0' value in 'ciaddr'
 
In DHCP security scenario, if the DHCP renew request packet is of the broadcast message and with '0.0.0.0' value in 'ciaddr' field, the DHCP security binding table might not be updated. That binding information is present till its lease time expiry. After lease time expiry the binding information got deleted, which might result in traffic drop of the DHCP client at the old lease expiration time.
PR Number Synopsis Category: QFX Control Plane VXLAN
1373025 ping overlay - RPC Error (illegal option ? X?)
 
ping overlay - RPC Error (illegal option ? X?)
PR Number Synopsis Category: QFX xSTP Control Plane related
1403338 The STP does not work when aggregated interfaces number is "ae1000" or above in QFX5000 and "ae480" or above in other QFXs / EX
 
In aggregated interfaces and STP (Spanning Tree Protocol) scenario, the STP does not work when the aggregated interfaces number is "ae1000" or above in QFX5000 and "ae480" or above in other QFXs / EX. Such interfaces will remain in incorrect STP discarding state and won't forward packets.
PR Number Synopsis Category: Device Configuration Daemon
1391323 The dcd memory leak might be seen when committing configuration change on static route tag
 
After committing configuration change on static route tag (see below example), the memory consumed by device control daemon (dcd) might increase. The leak rate is slow (200KB for every commit with one tag change).

    [edit routing-instances TEST routing-options static route xx.xx.xx.xx/25]
    - tag 10;
    + tag 11;
1402122 Certain otn-options cause interface flapping during commit.
 
With the following configuration present, the interface flaps after a commit where an AE interface is being added.

    set interfaces otn-options trigger oc-tsf hold-time up <> down <>
    set interfaces otn-options trigger odu-bei hold-time up <> down <>
PR Number Synopsis Category: Manageability for Node Virtualization
1402643 Unexpected termination of the CLI session during image installation
 
With the initiation of image installation on the Base System of a setup with node slicing enabled, the session gets terminated unexpectedly.
PR Number Synopsis Category: JUNOS Dynamic Profile Configuration Infrastructure
1401148 The framed route beyond the first might not be installed in a DHCP subscriber management environment.
 
In a DHCP subscriber management environment, the framed route beyond the first may not be installed to a subscriber session if RADIUS returns more than one Framed-Route.
PR Number Synopsis Category: Ethernet OAM (LFM)
1406165 The cfmd might fail to start after it is restarted
 
If connectivity fault management (CFM) is enabled with the name-format for maintenance-domain set to 'none' and iterator configuration, and the sum of the length of maintenance-domain name and maintenance-association name exceeds the maximum allowed size (i.e. 44 octets), the initial configuration commit passes and CFM works. But once the cfmd is restarted, the cfmd process cannot start and a coredump file is generated.
PR Number Synopsis Category: EVPN control plane issues
1367766 The EVPN implementation does not follow RFC-7432.
 
The EVPN implementation does not follow RFC-7432 when encoding/decoding 20-bit MPLS labels into ESI Label field in ESI Label Extended Community.
1396915 VNI not updated on default route 0.0.0.0/0 advertised by EVPN type 5 prefix when local configuration changed
 
Attributes like VNI are not updated on the default route 0.0.0.0/0 advertised by an EVPN type 5 prefix when the local configuration is changed.
1404351 The rpd crashes due to memory corruption in EVPN.
 
In Ethernet VPN (EVPN) active/active multi-homing scenario with MPLS encapsulation, toggling of multi-homed interface might cause memory corruption leading to rpd crash.
1405681 The rpd might crash on a leaf node when handling the withdrawal of remote or local MAC address in an EVPN-VXLAN scenario.
 
On all Junos OS platforms that are running Ethernet VPN (EVPN) with Virtual Extensible LAN (VXLAN) on the device, when handling the withdrawal of remote or local MAC address, it may cause stack corruption and may subsequently result in rpd crash on the leaf node.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1397925 IPv6 link-local address for virtual-gateway address is marked as duplicate in EVPN.
 
In EVPN A-A mode, if the same link-local IPv6 address is configured on both IRB interfaces on the two PEs, DAD will mark one of the IRB interfaces as the duplicate.
1403524 EVPN: In the non-collapsed (centralized) topology, when one of the 2 spines deactivates the underlay protocol (ospf), the leaf still points the virtual-gw-mac's next hop to the down spine
 
In the ECMP path, MAC update should happen when the previously pointed node goes down for a RVTEP. Also the learn_mask was not updated. The issue is fixed in Junos 17.3R3-S3, 17.3R4, 17.4R3, 18.1R3-S2, 18.1R3-S3, 18.1R4, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R2, and 19.1R1.
PR Number Synopsis Category: EX kernel issues specific to CPU
1326902 IfSpeed and IfHighSpeed erroneously reported as zero on EX2300.
 
On an EX2300 switch, the IfSpeed and IfHighSpeed MIB values might be incorrectly displayed during an SNMP get operation.
PR Number Synopsis Category: Express PFE L2 fwding Features
1383623 DHCP packets may be dropped on a Junos Fusion Data Center scenario (QFX10000 series)
 
In a Junos Fusion Data Center scenario where Satellite Devices (SD) are dual-homed to Aggregation Devices (AD), if the DHCP relay is enabled for at least one IRB and both the DHCP server and clients are connected to ADs over native ports, the discover packets sent from clients which are not using DHCP-relay may be dropped on AD device.
1399369 CPU hog may be observed on PTX/QFX10000 Series platform
 
On PTX/QFX10000 series platform, CPU hog on PFC may be observed if the adaptive feature is enabled to load-balance for an AE interface.
PR Number Synopsis Category: Express PFE L3 Features
1404822 The VRRP VIP might not work when it is configured on the LAG interface
 
The VRRP (Virtual Router Redundancy Protocol) VIP (Virtual IP) might not work when it is configured on the LAG (Link Aggregation Group) interface. It is only working when the LAG member interfaces are on the ASIC 0 of the FPC. The issue results in losing traffic to the VIP.
PR Number Synopsis Category: Stateful firewall and NAT
1391928 The spd might crash when 'any-ip' is configured in the 'from' clause of the NAT rule with the static translation type
 
If 'dnat-44 / basic-nat66 / basic-nat44 / stateful-nat464 / stateful-nat64 / basic-nat-pt / napt-pt' is configured for translation-type of a Network Address Translation (NAT) rule, the Service PIC Daemon (spd) might crash when 'any-ip' (such as any-ipv4 or any-ipv6) is configured in the 'from' clause (such as 'from destination-address' or 'from source-address') of the NAT rule. This is an unsupported configuration. The fix implements a constraint commit check to detect the presence of 'any-ip' in the 'from' clause and return failure.
1402450 The ICMPv6 packet with embedded IPv6 fragment might not be translated correctly to IPv4 ICMP packet in a NAT64 with MS-DPC deployment
 
On MX-Series platforms with MS-DPC deployed for NAT64, an IPv6 packet might not be translated correctly to an IPv4 packet when a node in the IPv6 network sends an ICMPv6 Packet Too Big (PTB) message with an embedded IPv6 fragment towards a node in the IPv4 network. This results in Path MTU discovery failure.
PR Number Synopsis Category: PTX Express ASIC interface
1403071 Log message "JAM HW data base open failed for ptx5kpic_3x400ge-cfp8" during commit
 
"jam_core_hwdb_open: JAM HW data base open failed" may be seen when looking at the syslog INFO level. This message has no impact on normal operations.
1405399 100G SR4 Optics with part number 740-061405 should be displayed as "QSFP-100G-SR4-T2"
 
This fix helps to distinguish between the optics with P/Ns 740-058734 (displayed as QSFP-100GBASE-SR4) and 740-061405 (will be displayed as QSFP-100G-SR4-T2).
PR Number Synopsis Category: PTX Express ASIC platform
1393643 third-generation FPC reboot loop because of having internal intf issues
 
New stanza to prevent an FPC having a hardware issue from periodic bouncing.
PR Number Synopsis Category: Internet Group Management Protocol
1389119 IGMPv3/MLD membership requests could not work normally
 
When IGMPv3/MLD is configured with ssm-map-policy, if another/unrelated policy config is changed or a new policy is introduced via ephemeral Database commit, then the IGMPv3/MLD membership requests might not work normally.
PR Number Synopsis Category: Libjtask for RPD tasks, scheduler, timers, memory, and slip
1301849 The rpd might crash by executing the command "show route extensive" during deletion of IS-IS configuration.
 
The rpd might crash when the command "show route extensive" is executed while ISIS configuration is being deleted.
PR Number Synopsis Category: MX Inline Jflow
1409807 FPC might crash during next-hop change when using MPLS inline J-Flow
 
On MX platforms with MPLS inline-jflow configured, the FPC might crash during a next hop change due to another FPC reboot or an interface flap. Some traffic will be blackholed during the crash.
PR Number Synopsis Category: Kernel software for AE/AS/Container
1353583 Traffic loss might be seen on new master Routing Engine after the interface flaps followed by Routing Engine switchover in VRRP scenario
 
VRRP MAC filter will not be seen in PFE if interfaces flap followed by GRES, before VRRP state settles down after flap. During this time VRRP state is backup in master-RE and VRRP state is idle in Backup-RE. This issue is only for AE interfaces with VRRP configuration. It's irrespective of VRRP scale. The traffic can be recovered by deactivating/activating the ae interfaces.
1390367 Traffic destined to VRRP VIP gets dropped as filter is not updated to related logical interface
 
On the MX platform with enhanced-ip and VRRP configured, if a child link is removed from or added to AE bundles, traffic destined to the VRRP VIP might be dropped.
1396772 Adding IRB to bridge domain with PS interface causes kernel crash.
 
IRB (Integrated Routing and Bridging) is not supported for PS (Pseudowire Subscriber) interface. When a PS interface along with IRB in the same bridge-domain is committed, kernel might crash and reboot continuously. The fix of this PR adds commit check to prevent adding IRB to bridge-domain with PS interface.
PR Number Synopsis Category: Optical Transport Interface
1398301 "MIC Error code: 0x1b0002" alarm might not be cleared for MIC on MPC6 when the voltage has returned to normal
 
The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC6.
1398967 The transportd might consume 100% CPU for a prolonged period
 
There might be a memory leak on transportd when bulk SNMP polling is run on large-scale IFLs and a large number of traps are created due to interface flapping etc. The memory leak could cause transportd to consume high CPU for a prolonged period.
PR Number Synopsis Category: SFP GE
1405271 EX-SFP-1FE-LX SFP does not work on MIC-3D-20GE-SFP-E
 
On MX Series platforms, EX-SFP-1FE-LX SFP does not initialize with MIC-3D-20GE-SFP-E(EH).
PR Number Synopsis Category: ISIS routing protocol
1404134 The rpd memory leak might be seen in ISIS Segment Routing scenario
 
In ISIS Segment Routing (SPRING) scenario, when "routing-options forwarding-table chained-composite-next-hop transit labeled-isis" is configured (default enabled on PTX), rpd memory leak for "RT_NEXTHOPS_TEMPLATE" might be observed. If the memory is exhausted, the rpd process might crash.
PR Number Synopsis Category: jl2tpd daemon
1407885 Memory corruption leads to l2tpd to crash
 
Memory corruption leads the L2TP process to crash.
PR Number Synopsis Category: jpppd daemon
1405055 The subscriber might not be able to access the device due to the conflicted assigned address.
 
In a subscriber management environment, the subscriber (say, subscriber A) may not access the device (A can get IP address x.x.x.x but then the connection will be terminated), because the address x.x.x.x is previously assigned to another subscriber B and then re-assigned to A before confirming whether the respective access route for address x.x.x.x is removed.
1410079 The aaa-options configuration knob for PPPoE subscribers does not work on the MX80 and MX104 platforms
 
On MX80/MX104 platform with PPPoE subscriber deployment scenario, when the different radius servers for various VLAN ranges assigned need to be specified with aaa-options, the aaa-options configuration knob that is specified to the access-profile in a dynamic-profile for PPPoE subscribers might not work correctly and cause the PPPoE sessions not to be established.
PR Number Synopsis Category: PFE infra to support jvision
1392071 FPCs may restart after committing the changes to the extended port in a Junos Fusion Provider Edge (MX Series) scenario
 
In a Junos Fusion Provider Edge (MX Series) scenario, all the FPCs may restart after committing the changes to the VLAN/encapsulation on the extended port if the parameter "per-interface-per-member-link ingress" is configured for sourced routing statistic by using the command "set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link ingress".
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1372421 The dot1xd might crash when dot1xd receives incorrect reply length from the authd.
 
On Junos OS platforms that support dot1x, dot1xd core dumps might be seen when it receives a reply from authd and the reply length is less than 28 Bytes.
1400716 Only one Packet Forwarding Engine could be disabled on FPC with multiple Packet Forwarding Engines in error/wedge condition.
 
On MX, PTX and QFX platforms with Chassis Manager (CM) error reporting, if Flexible PIC Concentrator (FPC) has multiple Packet Forwarding Engines (PFEs) in which one of PFEs goes into wedge condition, due to this issue, the wedge condition might be reported continuously even after disable_pfe action has been taken for the corresponding PFE. When CMERROR message queue is saturated and the level report-limit is reached (e.g. 10 major errors), the wedge condition on the other PFE within the same FPC will be ignored and not be able to trigger disable_pfe action any more. This issue might cause some traffic being blackholed.
PR Number Synopsis Category: L2TP service related issues
1406179 The stale si-logical interface might be seen when L2TP subscribers with duplicated prefixes or framed-route log in.
 
If the L2TP LNS uses an inline service (si) interface and a routing service (such as framed-route) is configured in dynamic-profiles, when subscribers log in with duplicated prefixes or framed-route, the LNS will reject the second subscriber due to a route adding failure. But the si- IFL for the failed subscriber will be left in the PFE as a stale IFL.
PR Number Synopsis Category: lacp protocol
1391545 The SNMP query on LACP interface might lead to lacpd crash
 
If stale SNMP (Simple Network Management Protocol) index for LACP (Link Aggregation Control Protocol) interface exists and SNMP query is executed on the LACP interface, the lacpd might crash when trying to retrieve the stale SNMP index. The issue results in LACP negotiation failure during the lacpd restart. If "lacp periodic fast" is configured (which means LACP timeout is 3 seconds), the existing negotiated LACP interface might be impacted and traffic loss might be seen if the restart of the lacpd takes more than 3 seconds.
PR Number Synopsis Category: Link Management Protocol
1392704 The ppmd on the Routing Engine might run with high CPU utilization after Routing Engine switchover.
 
In rare cases, ppmd on the RE might stay at high CPU usage after an RE master switch event. This problem has no impact.
PR Number Synopsis Category: PTX1000 platform
1397612 "show chassis fpc" command on PTX1000 and PTX10000 series routers shows incorrect buffer memory utilization
 
On PTX1000 and PTX10000 series routers, cli command "show chassis fpc" shows incorrect buffer memory utilization.
PR Number Synopsis Category: Multiprotocol Label Switching
1382249 The rpd might crash on backup Routing Engine after switchover
 
If vrf-table-label is configured for VRF routing-instance, after executing GRES or ISSU, the VRF table label which is not released may be reused by another VRF. This might cause an rpd core on backup RE.
1397018 The rpd process might keep crashing repeatedly if the LSP destination address is set to be 0.0.0.0
 
On all Junos platforms, if the Label Switched Path (LSP) destination address is set to be 0.0.0.0 under the protocol Multiprotocol Label Switching (MPLS), the rpd process might keep crashing repeatedly and won't recover due to this issue.
1402382 MPLS LSP traffic loss might be seen under rare conditions if CSPF is enabled
 
When make-before-break (MBB) new instance signaling experiences an error and before the retry is finished, other triggers such as auto bandwidth adjustment timer expiration have to be blocked until MBB finishes. Once MBB finishes instance switching, the blocked trigger needs to be scheduled, but should only be triggered after the optimize-adaptive-teardown timer expires. In the affected releases, the blocked trigger is scheduled immediately after instance switching without taking the optimize-adaptive-teardown timer into account. This causes the old instance to be torn down before the whole system finishes changing routes to use the new instance, which leads to traffic loss.
PR Number Synopsis Category: Multicast Routing
1399457 Unexpectedly high packet loss might be observed after an uplink failure when the MoFRR feature is used in a scaled environment
 
When the MoFRR feature is used in a scaled environment (in terms of number of routes and NHs), the actual convergence of multicast traffic might reach hundreds of milliseconds due to sub-optimal handling of MoFRR forwarding states on the PFE level.
PR Number Synopsis Category: For multicast snooping on MX
1394213 Multicast traffic might be interrupted in H-VPLS scenario
 
In an H-VPLS (Hierarchical-VPLS) with IGMP v2 scenario, if the interface (on the Hub-VPLS side towards the Spoke-VPLS) flaps repeatedly, or if one or more of the VPLS instances are removed, the Spoke will clear the Mroute towards the Hub, which finally causes multicast traffic to be interrupted.
PR Number Synopsis Category: Multicast for L3VPNs
1392792 High rpd CPU utilization on the backup Routing Engine might be observed in MVPN+NSR scenario
 
In extreme cases, the routing process on the backup Routing Engine might be under high utilization upon route updates.
1398458 Downstream interface is not removed from multicast route after getting PIM prune
 
In NG-MVPN scenario where source and receivers are on the same PE but different routing-instances, if PIM prune (*, g) is received on a downstream interface, Type 7 route might not get updated accordingly, resulting in the interface remaining in multicast route. Thus unwanted multicast traffic keeps being forwarded to that interface.
PR Number Synopsis Category: Fabric Manager for MX
1338647 An enhancement for better accuracy on the drop statistic of the command "show class-of-service fabric statistics"
 
The output of the CLI command show class-of-service fabric statistics now calculates traffic that was dropped because of internal errors in the fabric forwarding path.
PR Number Synopsis Category: MX104 Software - Chassis Daemon
1393716 JUNOS enhancement configuration knob to modify mcontrol watchdog timeout
 
Junos CLI enhancement to configure mastership refresh timeout value 9 to 30 via the chassis CLI command 'set chassis redundancy mastership-refresh-timeout'.
PR Number Synopsis Category: Neo Interface
1400825 A 10-Gigabit Ethernet interface may not come up if it has the "link-down" configured in the low-light scenario
 
On MX platforms, on a link where both ends have 10G Ethernet interfaces with the "link-down" action configured, when a low light condition is detected on one 10G interface and it goes down, the link will end up in a "dead-lock" state. This condition will remain even after link restoration.
PR Number Synopsis Category: Track Mt Rainier RE platform software issues
1383706 Incorrect user privilege regarding "set vmhost" command
 
The 'set vmhost <>' configuration command needs to be available to users who have "system-control permission" (in order to be in line with the 'set system <>' command). But 'set vmhost <>' is available to users who have "system-control permission"; this has been corrected.
1399654 The unexpected alarm might be shown on NG-RE
 
An unexpected alarm might be shown on NG-RE.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1356423 The command "show system virtual-memory | display xml validate" displays errors
 
The xmlised output of "show system virtual-memory" is created under a single container (for each table format) with repeated tag names. Because of the repeated tag names in the same container, XML validation fails. Changes were added to xmlise each row of table-format output in a separate container.
PR Number Synopsis Category: "ifstate" infrastructure
1404507 The VMCore might be seen when there is an interface deletion
 
In a very rare situation, the VMCore might be seen when there is an interface deletion/addition.
PR Number Synopsis Category: JUNOS Network App Infrastructure (for ping, traceroute, etc)
1396335 When using ifconfig utility to bring down the PS logical interface, its Admin status is not going down as expected.
 
When the ifconfig utility is used to bring down any PS interface IFL, its Admin status does not go down. This is unexpected behavior for PS IFLs. At the same time, PS IFDs behave correctly when the ifconfig utility is used to bring them down.
1409847 Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow (CVE-2019-0053)
 
In Junos OS, insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow (CVE-2019-0053); Refer to https://kb.juniper.net/JSA10947 for more information.
PR Number Synopsis Category: PFE Peer Infra
1404368 chassisd process becomes unresponsive causing line-cards disconnecting from the RE due to high CPU usage. The peer-proxy-thread was stuck in a tight loop causing high CPU
 
During a major network churn event, the chassisd process may become unresponsive due to the ppt (peer-proxy-thread) being in a tight loop. This leads to FPCs being disconnected and rebooting.
PR Number Synopsis Category: Provider Backbone (PBB) EVPN functionality within RPD on MX platfor
1401669 RPD core files are seen upon Routing Engine switchover with scaled EVPN configuration.
 
On MX or QFX10k with dual RE/NSR enabled and a scaled EVPN configuration, RPD could core upon RE switchover due to a bug that corrupts the EVPN instance tree. This is not seen with limited or few EVPN instances.
PR Number Synopsis Category: PTP related issues.
1404002 The time synchronization through PTPoE might not work when Enhanced Subscriber Management is enabled on MX Series routers.
 
When Enhanced Subscriber Management is enabled on MX (i.e. set system services subscriber-management enable), the Precision Time Protocol (PTP) with PTP-over-Ethernet (PTPoE) configuration might not work on MPC2E-NG/3E-NG or MPC5E and above (such as MPC6E/7E/8E/9E/10E/11E).
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1398349 QFX5110 - Fan LED turns Amber randomly
 
On QFX5110, multiple fans would be in the solid amber state even though there is no hardware failure.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1399878 SFP-LX10 does not work on QFX5110
 
On QFX5110 platforms, from Junos 17.3 onwards, the interfaces with SFP-LX10 transceivers and auto-negotiation enabled (default configuration) might be down.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1383693 Last reboot reason is not correct if device is rebooted because of power cycle
 
Last reboot reason is not correct if device is rebooted because of power cycle. Last reboot reason will be displayed as Vjunos reboot even if the device got rebooted due to power cycling.
1394655 QFX5110 VC: Fan tray output not displayed for backup routing engine
 
Fan tray details may be missing in the 'show chassis hardware' output on backup RE of QFX5110 VC running certain Junos versions. This issue has been fixed in upcoming Junos versions.
1395534 Unable to install licenses automatically on QFX platforms
 
On QFX Series platforms, licenses cannot be updated automatically with the "request system license update" command.
1402852 File permissions are changed for /var/db/scripts files after reboot
 
On newer QFX5K switches (QFX5K switch with qfx-5e image), file permissions are changed for /var/db/scripts files after reboot. This can impact scripts running on the box.
PR Number Synopsis Category: QFX PFE Class of Services
1380294 There is an inconsistency in applying scheduler map with excess-rate on the physical interface and AE interface
 
On QFX5100/QFX5110/QFX5120/QFX5200/QFX5210 Series platforms, there is an inconsistency when applying a scheduler map with excess-rate on the physical interface and aggregated ethernet (AE) interface. The excess-rate is not supported on the physical interface, but it could be committed successfully on the AE interface containing that physical interface with the same excess-rate parameter.
PR Number Synopsis Category: QFX L2 PFE
1389908 The input rate statistics might not increase if there are non-standard packets flow
 
On EX2300/QFX5100/ACX5k platforms, if there are non-standard packets flow, the input rate statistics might not increase.
1404895 ARP/ND will not be resolved in case of native VLAN ID configured for LAG access interface
 
When native VLAN ID is configured for LAG access interface for L2 gateway case, ARP/ND will not be resolved and hence traffic will be dropped for that VLAN. No issue with native VLAN ID configured on normal xe / et interfaces (without LAG).
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1399733 QFX5100 - VXLAN - Traffic is queued in the wrong queue when interface configuration is changed from a layer 2 with VXLAN configured on the VLAN to a family inet configuration
 
On QFX5100, traffic initiated from a server connected to an interface is dropped at the interface on the switch if the interface is configured with family ethernet-switching with VXLAN and the configuration is changed to family inet.
PR Number Synopsis Category: QFX MPLS PFE
1400868 The dcpfe crashes might be seen after several times of adding/deleting a large number of LSPs
 
On ACX/EX/QFX platforms, if adding/deleting a large number of LSPs several times, the dcpfe crashes and MPLS warning messages might be seen.
PR Number Synopsis Category: QFX EVPN / VxLAN
1380084 The overlay-ecmp might not work as expected on QFX5110 in an EVPN-VXLAN environment
 
On a QFX5110 device in an EVPN-VXLAN scenario, the traffic might be dropped when the equal-cost multipath (ECMP) path is enabled with Type-5 routes in an overlay EVPN-VXLAN network.
1409949 The FPC may crash and could not come up if interface-num or next-hop is set to maximum value under vxlan-routing on QFX platforms
 
On QFX 5100/5110/5120/5200/5210 platforms, when either of the following configurations is present, the FPC may crash and might not come up even after reboot. The issue can be avoided by setting interface-num or next-hop to lesser values instead of maximum values. "set forwarding-options vxlan-routing interface-num 12288" or "set forwarding-options vxlan-routing next-hop 49152".
PR Number Synopsis Category: KRT Queue issues within RPD
1383426 The log of "RPD_KRT_Q_RETRIES: list nexthop ADD: No such file or directory" might be continuously shown after the rpd restart
 
When reading back next-hops from the kernel, the rpd could set an incorrect flag on the next-hop, which could potentially affect next-hop installation for composite next-hops.
1406822 Traffic impact might be seen if auto-bandwidth is configured for RSVP LSPs
 
With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when timeout occurs during LSP statistics query, large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1402390 In JUNOS Logical System, configuration of "chained-composite-next-hop ingress l3vpn extended-space" failed to commit after upgrading to 17.2/later releases
 
After upgrading Junos to Junos OS Release 17.2 or later, the statement "chained-composite-next-hop ingress l3vpn extended-space" cannot be configured any longer on a logical system.
1407408 The process rpd crash may be observed once a non-forwarding path is used for re-resolution
 
The process rpd might crash after a non-forwarding route (that is, a route to an indirect next-hop association is a non-forwarding indirect next-hop) which is received from multiple protocols is resolved again by using the non-forwarding path.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1341720 The VRF static route might not be exported when route-distinguisher-id is used on RR in BGP Layer 3 VPN scenario.
 
In Border Gateway Protocol (BGP) Layer 3 Virtual Private Network (L3VPN) scenario, on the Route Reflector (RR) with Virtual Routing and Forwarding (VRF) instance deployed, if Auto-RD (Automatic Route Distinguishers) feature is used, the VRF static route might not be exported to bgp.l3vpn.0 table correctly under race condition. Hence the static route could not be advertised to remote device.
1385380 The static route might persist even after its BFD session goes down
 
On all Junos OS platforms with BFD for the static route configured, when the BFD session is brought down by changing the VLAN ID of the local interfaces, the static route might persist in the routing table.
PR Number Synopsis Category: Sangria Platform including chassisd, RE, CB, power managemen
1404611 PTX3000: FPCs are not able to come online for tens of minutes after a reboot of the chassis
 
On PTX3000 platform with several FPCs (e.g, around 8), after reloading the chassis, FPCs might not be able to come online for tens of minutes.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1284654 Migrate from syslog API to Errmsg API;/src/junos/usr.sbin/mspsmd.
 
This is an internal change as syslog usage is deprecated; however, there may be customer impact due to syslog usage in automation. Applications have migrated to tracing for engineering debug messages or ERRMSG for customer useful/relevant messages. The customer is advised to migrate to new ERRMSG definitions as appropriate. The mspsmd daemon has migrated out of syslog to ERRMSG.
1362271 The MS-MPC might reset continuously on MX Series platform.
 
On MX platforms with MS-MPC installed, the PIC might reset continuously for MS-MPC due to this issue, which will also lead to a core file being generated.
1376060 MS-MPC might have performance degradation under scaled fragmented packets.
 
On MX Series platforms with MS-MPC, it might have performance degradation if the MS-MPC receives scaled fragmented packets.
1382531 Flows are getting exported before the expiry of the configured active timeout value.
 
The export of the Jflow records is seen at the collector before the expiry of the configured active timeout value. This export result might not be as expected.
PR Number Synopsis Category: SFW, CGNAT on MS-MIC/MS-MPC (XLP)
1405423 MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC (CVE-2019-0065)
 
On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. Refer to https://kb.juniper.net/JSA10964 for more information.
1405882 NAT64 translation issues of ICMPv6 Packet Too Big message with MS-MPC/MS-PIC
 
On MX Series with MS-MPC/MS-PIC, in a NAT64 scenario, if an ICMPv6 Packet Too Big message is required to be translated, the translated ICMPv4 Destination Unreachable packet is incorrect: the L4 destination port under the embedded IPv4 address is not translated, the IPv4 Identification field is not copied from IPv6, and the header checksum in IPv4 under ICMPv4 is wrong.
PR Number Synopsis Category: security-intelligence feature on SRX
1390150 Ipfd core-dumps were seen in SRX platforms
 
Ipfd process core files are seen due to file handler memory leak.
PR Number Synopsis Category: Stout PF fabric (SFB2)
1406030 Fabric performance drop on MPC7, MPC8, or MPC9E and SFB2 based MX2000 platform.
 
On MPC7/8/9E and SFB2 based MX2000 Series platforms, code change done by PR 1336446 fixing MPC7/8/9E fabric re-ordering issue with SFB causes fabric performance drop. The throughput might not reach the expected value in high volume traffic scenario.
PR Number Synopsis Category: MX10003/MX204 Platform SW - Chassisd s/w defects
1387338 The chassisd process might crash after restarting the lcmd process
 
On MX204 or MX10003 platforms, the chassisd process might have random memory corruption after restarting the lcmd (Linux chassis management daemon) process. The memory corruption might result in chassisd crash. Traffic loss might be seen during the chassisd process crash.
1409930 On MX10003 platform, after removing the FPC from a slot, when a new FPC is plugged in, chassis was showing old serial for this new FPC.
 
On the MX10003 platform, after removing the FPC from a slot, when a new FPC is plugged in, the chassis was not only showing the old serial number for this new FPC; the entire FPC ideeprom data was retained, so all the fields were showing old values.
PR Number Synopsis Category: SRX-1RU platform related protocol, QoS, filtering features et
1397210 40 Gigabit Ethernet /100 Gigabit Ethernet ports may take a long time (about 30 seconds) to link up on SRX4600 platform.
 
On SRX4600 platforms, 40/100 Gigabit QSFP Ethernet ports might take a long time (about 30s) to link up after the link goes down and up multiple times.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1391932 The Packet Forwarding Engine might not respond with ICMP time exceeded error when packet arrives from the subscriber.
 
The PFE might not respond with an ICMP error for TTL expiry when a packet arrives from a subscriber. This might prevent traceroute from working from subscribers. When a traffic or service problem occurs in the production network, a wrong traceroute result makes troubleshooting very difficult.
1402484 Some error logs might be seen on FPC when reading is attempted from Uninitialized memory location.
 
On all MX platforms that support enhanced subscriber management (Next Generation Subscriber Management) in an L2TP subscriber scenario, when a packet arrives with a size higher than the LNS (L2TP network server) IFL (logical interface) MTU and the 'Do-not fragment' bit is set, the micro kernel generates ICMP error messages and increments 'out-mtu-errors' in the IFD (physical interface) stream counter, and the OIF (outgoing interface) index is then wrongly programmed in the LNS IFL output feature list. As a result, some error logs would be seen when a read is attempted from an uninitialized memory location. This only impacts traffic from the core to the LNS subscriber on the PFE that needs to generate an ICMP error message such as MTU exceeded. It would not impact normal transit traffic.
PR Number Synopsis Category: Trio pfe qos software
1402377 Syslog error message: [LOG: Err] COS_HALP(cos_halp_get_fabric_stats_per_pfe:3211): pfe_id 0 cchip 0[LOG: Err] COS_HALP(cos_halp_get_fabric_stats_per_pfe:3272): No PFE found for pfe_id_start 0 is seen.
 
On an MX204, when any command under the 'show class-of-service fabric <>' hierarchy is executed, you will see "COS_HALP(cos_halp_get_fabric_stats_per_pfe:3211): pfe_id 0 cchip 0" error messages. Since the MX204 is a fabric-less platform, the COS fabric CLI commands are not available. The error messages have no side effects.
1406848 Abnormal queue-depth counters in "show interface queue" output on interfaces which associated to XM2 and 3
 
Due to this bug, on an MPC with 4 XM chips, such as MPC6E, while MIC1 is in use (whose interfaces are associated with XM2 and 3), the Queue-depth counters in "show interface queue" output might be abnormal. Alternatively, the Maximum counters of Queue-depth are incorrect or there is no Queue-depth information at all. The issue is cosmetic in the CLI output; the PFE software and ASIC programming are fine.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1407200 IPv6 traffic might be dropped between VXLAN bridge-domain and IP/MPLS network
 
On Trio-based platforms, when an IPv6 host located in VXLAN bridge-domain tries to communicate with another IPv6 host located in IP/MPLS network via irb gateway, the IPv6 traffic might be dropped.
PR Number Synopsis Category: Trio pfe l3 forwarding issues
1402834 Host outbound traffic might be dropped on MPC7, MPC8, and MPC9.
 
On MX platforms with enhanced subscriber management enabled, if the Junos release is 18.2X75-D10, 17.4R2, 18.1R2 and onwards, in which turbo TX is supported and enabled, when "class-of-service host-outbound-traffic" is configured, host outbound traffic (e.g. ARP, ISIS, OSPF, etc.) might be dropped on MPC7/8/9.
PR Number Synopsis Category: Trio pfe multicast software
1390541 Traffic is dropped when passing through MS-DPC to MPC.
 
On MX series platform, when traffic passes through MS-DPC service card and then egresses the router through an AE interface on MPC, partial traffic loss might be seen due to a memory initializing issue.
PR Number Synopsis Category: Trio pfe microcode software
1343687 Inline keepalive session might be down due to lcp-keepalive-failure on MPC5E/MPC6E PIC0 interfaces
 
On MPC5E/MPC6E module interfaces, when sending PFE-generated keepalive packets, the inline keepalive infrastructure sends the packets to the wrong XM, which causes the packets to be dropped. Subscribers may be disconnected by the MX due to "lcp-keepalive-failure". The known affected situations include PPP LCP echo request messages, CFM keepalive messages, and so on.
PR Number Synopsis Category: Junos Automation, Commit/Op/Event and SLAX
1405903 Some files are missing during log archiving
 
When any scripts are running on the router, cscript.log is created. The permissions on it are set wrongly, so when any non-root user tries to archive /var/log along with cscript, some other files in /var/log go missing from the archived file, and fewer files are found when the archive is untarred. This issue is not seen when the root user creates the archive. With the fix for this PR, a non-root user is able to archive the files.
PR Number Synopsis Category: Configuration mgmt, ffp, load-action, commit processing
1385902 The device with more than five IP addresses configured in the DHCP server group goes into amnesiac mode after reboot
 
If the knob "commit fast-synchronize" is enabled, the device with more than 5 IP addresses configured in the dhcp server-group might go into amnesiac mode after reboot. But in practice it should not allow more than 5 IP addresses based on the implementation, and this validation for "commit check" is skipped when fast-synchronize is configured.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1352504 Large-scale users' login and logout may cause mgd memory leak.
 
The mgd memory usage is shown as increased by about 450 MB over the weekend (greater than 72 hours).
1368998 Junos OS: set system ports console insecure allows root password recovery on OAM volumes (CVE-2019-0035)
 
Junos OS: set system ports console insecure allows root password recovery on OAM volumes (CVE-2019-0035); Refer to https://kb.juniper.net/JSA10924 for more information.
1401249 The authd process might stop when issuing the show network-access requests pending command during the authd restart
 
The authd might crash when the "show network-access requests pending" command is issued while authd is restarting.
PR Number Synopsis Category: V44 Aggregation Device Infra
1384440 BUM traffic may get dropped on peer Fusion Aggregation Device when the link between Satellite Device and local Aggregate Device goes down
 
In the dual AD Junos Fusion setup, BUM (Broadcast, Unknown Unicast, and Multicast) traffic may get dropped on peer Fusion Aggregation Device when the link between Satellite Device and local Aggregate Device goes down.
PR Number Synopsis Category: PFE on Satellite Device
1397992 Extended Port (EP) LAG may go down on the Satellite Devices (SDs) if the related Cascade Port (CP) links to an Aggregation Device (AD) goes down
 
In a Junos Fusion Data Center, if one Aggregation Device (AD) is isolated by disabling the Inter Chassis Link (ICL) and all cascade ports (links between AD and SD), and later only the ICL is re-enabled on the AD, then EP-LAG LACP will go down. This issue will not be seen if the ICL is up and only the AD-SD links go down.
PR Number Synopsis Category: PTX/QFX10002/8/16 specific software components
1322082 PTX10K: For 100G LR4 Optics with part number 740-061409 change 'show chassis hardware' display to QSFP-100G-LR4-T2.
 
On PTX10K, 100G LR4 optics with part number 740-061409 will show as QSFP-100G-LR4-T2 instead of QSFP-100G-LR4, and optics that show as QSFP-100G-LR4 are not supported on PTX10K.
1408204 Link flaps occur when a 100g QSFP is inserted into a PTX on which LFM (Link-Fault Management) is configured
 
When a 100g QSFP is inserted into an FPC on PTX, all the other interfaces on that FPC and the other FPCs might flap, since these interfaces are configured with the smaller "pdu-interval" value of LFM.
PR Number Synopsis Category: VMHOST platforms software
1398333 Junos OS: NFX150 Series, QFX10K Series, EX9200 Series, MX Series, PTX Series: Path traversal vulnerability in NFX150 and NG-RE leads to information disclosure (CVE-2019-0074)
 
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series, and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. Please refer to https://kb.juniper.net/JSA10975 for more information.
PR Number Synopsis Category: Windsurf diags software
1370337 "MIC Error code: 0x1b0001" alarm might not be cleared for MIC when the voltage has returned to normal
 
The voltage high alarm might not be cleared when the voltage level comes back to normal for MIC on MPC5E.
PR Number Synopsis Category: xSTP Protocol
1390330 STP PDUs might not be getting processed as show command is taking more time to display results
 
When the show command is taking a long time to display results, the STP might change states as BPDUs are no longer processed and cause lots of outages.


18.1R3-S3 - List of Open issues

PR Number Synopsis Category: EX4300 Control Plane
1387871 After EX4300 VC is upgraded to 18.2R1 "jdhcpd: shmlog: shared log header is NULL" log message can be seen
 
When an EX4300 Virtual Chassis is upgraded to 18.2R1, it may start generating the "jdhcpd: shmlog: shared log header is NULL" log message repeatedly. This does not cause any impact but fills up the log messages file.
PR Number Synopsis Category: EX2300/3400 PFE
1380451 EX2300: fxpc cored @ fxpc_watchdog & handle_signal while performing re switch over by rebooting master in ex2300-48mp
 
On rare occasions in EX2300-VC while performing GRES with a typical access security profile in campus/enterprise deployment we may see fxpc core.
PR Number Synopsis Category: QFX L2 Protocols Control Plane related
1429821 Extra incorrect MAC move might be seen when the host moves continuously between the different ESIs
 
In EVPN-VXLAN (Ethernet VPN - Virtual Extensible LAN protocol) multihoming with ESI (Ethernet Segment Identifiers) scenario, extra incorrect MAC (Media Access Control Address) move might be seen when the host moves continuously (about every 50 seconds or less) between the different ESIs. Normally there is no impact for the extra MAC move, however, if the real MAC move plus the extra MAC move surpass the duplicate MAC detection settings (default 5 times in any 180-seconds window), the MAC will be suppressed. In this case, the issue results in host move failure.
PR Number Synopsis Category: QFX PFE L2
1387757 VxLAN nexthop entry leak issue on EX4600 and QFX5K platforms
 
On EX4600 and QFX5K series platforms, due to a sync issue between Kernel and PFE, VxLAN nexthop entry might fail to be deleted on PFE upon route change, with log "brcm_vxlan_riot_destroy_nh" reported. If too many nexthop entries cannot be deleted and fill up the l3 egress table, new entries will not be added and might result in traffic impact.
1388888 With IGMP snooping enabled on the LEAF switches, multicast traffic is forwarded to VLAN/VNI which doesn't have active receiver
 
In 18.1R3-S3, IGMP snooping is supported only on network ports. That is, traffic arriving on an access interface is flooded to other access interfaces and to network interfaces; IGMP joins are not used to send multicast traffic only to the required receivers. When traffic arrives on a network port (VTEP encapsulated), it is not flooded and is forwarded only if there are receivers on the LEAF box. This behavior is the same as in 18.1R1.
1403305 QFX5K: dc-pfe process crash might be observed during restart of PFE or system with scaled EVPN / VxLAN config.
 
When a Packet Forwarding Engine is restarted with a scaled EVPN-VXLAN configuration, the Packet Forwarding Engine might crash during the restart process and then come back up normally.
1405814 QFX:EVPN-VXLAN - Unicast IPv6 NS message gets flooded on L3GW, So both IPv4 and IPv6 traffic gets dropped on L2SW
 
In a multihome (ESI) scenario, if an IPv6 NS packet is flooded by the peer leaf device over the VTEP, then when it reaches the QFX5K device it is also flooded back to the access ESI host, which is not expected. Because of this, if there is an L2 switch in front of the host, a loop might occur. The workaround is to disable arp-suppression.
1423368 Stale entries may be observed in a layer-3/layer-2 VXLAN gateway scenario
 
On QFX Series platforms where the Layer 3 virtual extensible LAN (VXLAN) gateway is supported, such as QFX5110, stale entries might be observed if a route change happens, triggering route and next hop deletion on the Packet Forwarding Engine. Because the increasing number of stale entries might fill up the corresponding table and prevent new entries from being added, traffic loss might be observed as a result.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1394866 JDI-RCT: EVPN-VXLAN NON-COLLAPSED: AUTONEG Errors and flush operation failed error, seen after power cycle of the device
 
AUTONEG errors and a "flush operation failed" error are seen after a power cycle of the device, as shown below. These error messages do not have any functional impact. "LOG: Err] ifd 153; Ether autonegotiation error (1000)" and "ch_vchassis_ipc_flush_pipe: flush operation failed for pipe 155333280"
PR Number Synopsis Category: ACX Interfaces IFD, IFL, vlans, and BRCM init
1382166 Host bound traffic might be affected and lt interface can go down in ACX
 
Host bound traffic might be affected and lt interface can go down in ACX
PR Number Synopsis Category: MX Layer 2 Control Module
1407775 Log messages "dot1xd[]: task_connect: task ESP CLIENT:...: Connection refused" might be reported in Junos OS Release 17.4 or later.
 
Messages like the following can appear in log message on devices running Junos 17.4 or later: dot1xd[7683]: task_connect: task ESP CLIENT:33001.128.0.0.1+33001 addr 128.0.0.1+33001: Connection refused dot1xd[7683]: task_connect: task ESP CLIENT:33001.128.0.0.1+33001 addr 128.0.0.1+33001: Connection refused .. The message is cosmetic and can be ignored/filtered out.
PR Number Synopsis Category: Junos Fusion Infrastructure
1366106 PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup
 
PoE (Power over Ethernet) over LLDP (Link Layer Discovery Protocol) negotiation is not supported in Junos Fusion Enterprise (JFE) setup. The issue results in powering up failure when a device makes PoE over LLDP negotiation with the JFE.
PR Number Synopsis Category: BBE routing
1387690 The bbe-smgd process might crash when two subscribers log in with the same framed-route prefix and preference values.
 
In subscriber management scenario, the bbe-smgd process might crash when two subscribers login with the same framed-route prefix and preference values returned from Radius.
PR Number Synopsis Category: Border Gateway Protocol
1399141 Junos OS: BGP packets can trigger rpd crash when BGP tracing is enabled. (CVE-2019-0019)
 
Junos OS: BGP packets can trigger rpd crash when BGP tracing is enabled. (CVE-2019-0019); Refer to https://kb.juniper.net/JSA10931 for more information.
1414021 The rpd gets stuck in a loop while doing the multipath calculation which leads to the high CPU usage
 
In BGP with the indirect next-hop scenario, if uRPF is enabled, and then enable BGP multipath, a background job loop might be formed and the CPU utilization of rpd process might be stuck at 100%.
PR Number Synopsis Category: BBE Remote Access Server
1402012 The authd crash might be seen due to a memory corruption issue
 
In a subscriber scenario, the authd might crash multiple times due to a memory corruption issue.
PR Number Synopsis Category: Enhanced Broadband Edge support for cos
1404325 The FPC might crash in a CoS scenario
 
If MPC1/MPC2 are used ("Trio" based MPCs) in HCoS scenario, the FPCs might crash due to an invalid IFL referred by the dynamic BBE subscriber interface.
PR Number Synopsis Category: MVRP
1394846 EX2300 - MVRP does not work when VOICE VLAN is activated on ELS platforms..
 
EX2300 - VoIP VLANs are not sent via the MVRP protocol, and when the interface is configured for a VoIP VLAN, it also stops sending the data VLAN that is configured under the same interface.
PR Number Synopsis Category: QFX Control Plane VXLAN
1386016 First ARP Reply goes to all VTEPs in MC-Group, instead of only to requested hosts.
 
For the first ARP request packet, the host's MAC is learnt via EVPN and not via the encapsulated packet which comes over the tunnel. So, by the time the ARP reply comes, the remote MAC may not yet be programmed in the HW, due to which it is flooded.
PR Number Synopsis Category: OpenSSH and related subsystems
1408195 Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text (CVE-2019-0069)
 
On vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. Refer to https://kb.juniper.net/JSA10969 for more information.
PR Number Synopsis Category: Firewall Filter
1394922 Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored (CVE-2019-0036)
 
Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored (CVE-2019-0036); Refer to https://kb.juniper.net/JSA10925 for more information.
PR Number Synopsis Category: Ethernet OAM (LFM)
1281073 The cfmd process might continuously crash after upgrade
 
The /var/db/cfm.db format is changed as part of PR 1249979 (which is fixed in 16.1R4-S2 16.1R5 17.1R3 17.2R1 17.3R1 trunk). With CFM configured, if an upgrade is performed between releases that use different db formats, continuous cfmd crashes might be seen after the upgrade.
PR Number Synopsis Category: mgd, ddl, odl infra issues
1406219 Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation (CVE-2019-0061)
 
The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a local, authenticated user may be able to exploit this vulnerability to gain administrative privileges.
PR Number Synopsis Category: EVPN control plane issues
1287557 commit block for vlan-id none with evpn routing-instance without routing-instance
 
When a VLAN uses an IRB interface as the routing interface, the VLAN-ID parameter must be set to "none" to ensure proper traffic routing. This issue is platform independent.
1394099 on QFX10k, RE switchover with nonstop-routing enabled, could result in EVPN traffic loss
 
On a QFX10k with nonstop-routing enabled and running EVPN, if an RE switchover occurs, significant EVPN traffic loss could be seen.
1402175 ATT Whitebox: 'show evpn instance extensive esi' command does not filter output by esi (ATTip45090 )
 
To filter and see the output of the desired ESI or neighbor information of an EVPN instance, we created two new choices, namely "show evpn instance <> esi-info esi <>" and "show evpn instance <> neighbor-info neighbor <>".
1415450 Traffic drop might be seen due to VXLAN Encapsulation nexthop (VENH) not installed correctly during BGP flapping
 
On EVPN-VXLAN scenario, during BGP flapping, the NH (next-hop) towards a VTEP (Virtual Tunnel End Point) might not be programmed properly, so if the traffic (especially inter-VNI traffic) destination is hashed via this Leaf/VTEP node, traffic loss might be seen. The reason is that due to BGP flap, the 'route delete and route add request to rpd' might get compressed which results in VXLAN DB not getting updated with right unicast NH to stitch it with VENH (VXLAN Encapsulation nexthop). So VENH will not have unicast NH to forward the traffic.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1372561 BD/RI is not cleaned up when load override baseline config
 
When the EVPN-VXLAN configuration is overridden with the baseline configuration, it seems that some MACs or VTEPs are not cleaned up, which leaves the BD/RI in destroy/delete state.
1394959 [evpn_vxlan] [virtual_switch] IRB mac/ip info will be deleted from ethernet-switching arp/nd table when no-arp-suppression is configured.
 
[evpn_vxlan] [virtual_switch] IRB mac/ip info will be deleted from ethernet-switching arp/nd table when no-arp-suppression is configured
1410941 Missing entry in "show ipv6 neighbors " with proxy-macip-advertisement
 
Occasionally, there could be a missing entry in "show ipv6 neighbors" for remotely learnt mac+ip entries when proxy-macip-advertisement is configured. The entry is re-added when a ping is initiated from spine to destination.
1416711 QFX:EVPN-VXLAN: IPv6 entries are missing randomly post trigger on ERB topo
 
Occasionally, there could be a missing entry in "show ipv6 neighbors" for remotely learnt mac+ip entries when the routing daemon is restarted or BGP is flapped. The entry is re-added when a ping is initiated from spine to destination.
PR Number Synopsis Category: Express PFE including evpn, vxlan
1416925 The dcpfe crash might be seen in EVPN-VXLAN scenario
 
Under extremely rare circumstances, on QFX10000 series platforms with EVPN-VXLAN scenario, the FPC PFE may crash because of an external event like a rpd restart.
PR Number Synopsis Category: Express PFE L2 fwding Features
1410166 QFX10008:EVPN-VXLAN:Traffic Loss against pgq_stats drop after RE switchover and FPC Offline/Online
 
During an FPC offline->online, the remote ifd add messages are received by the FPC but the link up message is not. The VOQs are enabled on the FPC based on the link up. Since the link up message is not received, the VOQs remain disabled and hence traffic drops are seen (VOQ disabled drops/PGQ drops).
PR Number Synopsis Category: Express PFE L3 Features
1401949 ERSPAN does not work if destination IP is resolved over ECMP path on QFX10K
 
GRE tunnels do not work if the underlay is ECMP. So ERSPAN, which uses GRE to reach the remote destination, does not work if the destination IP is resolved over ECMP.
PR Number Synopsis Category: Kernel MX virtual-chassis PRs
1332765 JDI-RCT:M/Mx: during restart routing in VcMm (member 0), fpcs in member 1 went for restart resulting in VC split with 18.2DCb in MXVC box
 
With regard to FPC restarts or Virtual Chassis splits, the design of the MX Series Virtual Chassis infrastructure relies on the integrity of the TCP connections, and hence the reactions to failure situations might not be handled in a graceful way. For example, a TCP connection timeout because of a jlock hog crossing the boundary value (5 seconds) can cause bad consequences in MX Series Virtual Chassis. Currently, no other easy solution exists to reduce this jlock hog besides enabling the marker infrastructure in an MX Series Virtual Chassis setup. Unfortunately, there is no immediate plan to enable marker, as it was causing a lot of issues in MX Series Virtual Chassis when we tried to enable it.
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1395685 L3 gateway did not update ARP entries if IP or MAC quickly move from one router to another router in EVPN-VXLAN environment
 
If IP or MAC quickly move from one router to another router in a highly scaled EVPN-VXLAN environment, such as 1000+ simultaneous VMs mobility events where the VMs move to a new leaf switch and the VM MAC addresses are also changed, L3 gateway did not update ARP entries with new location of the VM and MAC.
PR Number Synopsis Category: Multiprotocol Label Switching
1282369 The rpd on backup RE might crash when the rpd on master RE restarts
 
With nonstop active routing (NSR), when the routing protocol process (rpd) restarts on the master Routing Engine, the rpd on the backup Routing Engine might restart.
PR Number Synopsis Category: Bugs related to ethernet interface on MX platform
1369382 Error messages about mic_sfp_phy_mdio_sgmii_lnk_op might be seen after FPC is booting up on MX Series or EX9200 platform.
 
When the FPC is booting up (either during unified ISSU or router reboot or FPC restart), I2C timeout errors for SFP are noticed. These errors are seen because the I2C action is not completed as the device was busy. After the FPC is up, all the I2C transactions to the device were normal, so no periodic failure is observed. There is no functional impact and these errors can be ignored.
PR Number Synopsis Category: MX l2ng native analyzer
1409707 EVPN-VXLAN: Port mirroring on remote router for egress port is not happening, packets are not getting mirrored
 
Analyzer (i.e. set forwarding options analyzer) does not support EVPN-VXLAN.
1409867 EVPN VXLAN: Port mirroring for local monitoring for ae port is not working for egress, packets are not mirrored
 
Analyzer does not support EVPN-VXLAN.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1337826 The command "request system zeroize" may cause the device to end in a continuous reboot state
 
The command "request system zeroize" will result in the device going to a continuous reboot on EX platforms.
1382789 EX2300-c High CPU utilization due to process rand_harvestq
 
EX2300-c exhibits high CPU due to the rand_harvestq process after upgrade to 18.X Junos version. It also can result in a socket connection drop issue. This problem is fixed starting in the following releases: 18.1R2-S4, 18.2R3, 18.3R2, 18.4R1-S2 and 19.1R1.
1439189 The recovery snapshot cannot be created after system zeroize
 
On EX2300/3400 platforms, the recovery snapshot might not be able to be created after a system zeroize. This is due to certain hardware space limitation over time where there is not enough space to save full snapshot.
PR Number Synopsis Category: Kernel Stats Infrastructure
1398128 The alarm might be seen if the PEM's serial number starts with "1F1"
 
On ACX/EX/QFX/SRX platforms, if the PEM's serial number starts with "1F1", the alarm "Minor FPC PEM Temp Sensor Failed" might be seen.
PR Number Synopsis Category: Path computation client daemon
1395205 Junos OS: Upon receipt of certain types of malformed PCEP packets the pccd process may crash. [CVE-2020-1601]
 
Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Element (PCE) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS). Refer to https://kb.juniper.net/JSA10980 for more information.
PR Number Synopsis Category: Protocol Independent Multicast
1401802 There might be unexpected packets drop in MoFRR scenario if active RPF path is disabled
 
On Junos platform which have Multicast Only Fast Reroute (MoFRR) and Join Load Balance (JLB) Automatic features enabled, if it's configured by scaled setup (e.g. with around 3k multicast routes), when the active Reverse Path Forwarding (RPF) path is disabled by some operations (e.g. the metric of the active interface is increased to make it not be active anymore), there might be unexpected packets drop for about 5 seconds due to this timing issue.
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1405877 [QFX10002] SNMP trap for PSU removal/insertion is not generated
 
The SNMP trap for PSU removal is under the Virtual Chassis module. Since QFX10002 is a non-VC device, the code to generate the SNMP trap for a PSU removal is moved to the non-VC module.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1289782 Problems at the time of mounting causes only partial configuration to be committed by ZTP
 
When you run "request system reboot", the box undergoes zeroization, which triggers zero-touch provisioning (ZTP). During the mounting stage, "/var/db/scripts/import" does not get created, which later causes the configuration to be committed partially. This is seen in the warning "Warning: Commit failed, activating partial configuration. Warning: Edit the router configuration to fix these errors." Root-Cause has not been identified for this problem.
1412241 TPI-57956: 18.1R3-S3 : L2 gateway ( QFX5110 ) dcpfe/fpc is not coming up after a reboot
 
Rarely, on some reboots, there is a possibility of hitting RPM DB corruption in the Linux host. In the case where this issue was observed, the RPM daemon was utilising very high CPU and not allowing any of the host daemons to run. This led to dcpfe not getting a chance to start or run once the device was rebooted. There is no fix or resolution provided in Linux, and only a workaround is available to restore the device.
PR Number Synopsis Category: QFX access control list
1241733 The pfe process might crash after changing the filter for lo0 interface
 
On EX4600/QFX5100/QFX5110/QFX5200/ACX5K switches, the dcpfe might create a core file when the applied lo0 firewall filter term is changed in scaled conditions.
PR Number Synopsis Category: Filters
1393453 TPI-57956: 18.1 : QFX5110 - Traffic flow not hitting expected L2 firewall filter counter
 
For the IPACL_VXLAN filter, when user-vlan-id is not specified as a match condition, Junos allocates an entry for each "VLAN the port is part of + firewall term" pair. If an access interface is a part of m VLANs and the filter has n terms, then the number of TCAM entries needed for the filter is "(m x n) + 1"; the extra entry is the default entry. This is limited by the HW scale available at the time of configuration.
PR Number Synopsis Category: QFX L2 PFE
1382209 LACP might stuck in Detached state on QFX5K platforms in VXLAN scenario
 
On QFX5K platforms with LACP configured, if an AE interface has native-vlan-id configured and that native VLAN is VXLAN enabled, LACP on that interface might stop processing received LACP PDUs and become stuck in Detached state. LACP in Detached state will not carry traffic.
1407557 TPI-57956: IGMP snooping needs to be enabled on all EVPN VXLAN vxlans and not a subset of VXLANs where Multicast receivers are expected
 
This PR has been created to document the behavior of IGMP-Snooping with EVPN-VXLAN on 5110 (Only 5110 supports this feature). When there are multiple VxLans, the vteps are always shared between the same peers. In such a scenario, all the vxlans which share the vtep between each other, have the same HW settings between them. Hence, all vxlans which share the vteps should all have igmp-snooping configured on them or none of them should have snooping configured. This limitation is only for vxlans which share the vteps. Also, this limitation is only applicable to vxlans. This means, if there are normal VLANS and VXLANs on the same box, the snooping configured on vxlans or not, should not affect the normal vlans.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1371611 The L2 bridge domain might fail to create on PFE after changing VLAN configuration
 
The L2 bridge domain might fail to create on PFE after changing VLAN configuration. For example, there are 3 vlans V1001, V1002 and V1003. V1001 is deleted and V1002's vlan-id and vni is changed to that of V1001 and a new vlan V1200 is added with the vlan-id and vni of vlan V1002. After the above changes, V1200 is not created in PFE and the other 2 vlans are functioning as expected. The reason for the new vlan not created is due to out of order messages. This is a timing issue.
PR Number Synopsis Category: QFX MPLS PFE
1396014 BRCM_NH-, brcm_bcm_mpls_tunnel_initiator_clear(), 226:bcm_mpls_tunnel_initiator_get failed intf = 4 failure error logs might be seen in syslog
 
MPLS config changes/topology changes might result in the tunnel initiator clear messages in the syslog.
PR Number Synopsis Category: QFX EVPN / VxLAN
1388811 ARP received on SP-Style interface not sent to all RVTEPs in case of QFX5100 VC only, normal BUM traffic works fine
 
ARP received on SP-Style interface not sent to all RVTEPs in case of QFX5100 VC only, normal BUM traffic works fine
1399002 L2 Multicast and Broadcast Convergence is high while deleting and adding back the scale configs of Vlans and VXLAN
 
L2 multicast and broadcast convergence is high while deleting and adding back the scale configurations of VLANs and VXLANs.
PR Number Synopsis Category: QFX VC Infrastructure
1414492 VC Ports using DAC may not establish link on QFX5200
 
On QFX5200, when virtual-chassis is configured, if the QSFP configured as VCP is removed and then inserted, VC Ports using direct attach copper (DAC) may not establish link.
PR Number Synopsis Category: Resource Reservation Protocol
1442789 The backup LSP Path messages are rejected if the bypass tunnel path is an inter-area LSP
 
With a protected LSP configured with strict hops, if a bypass tunnel for the protected LSP happens to be an inter-area LSP (the bypass tunnel destination is on a node behind the ABR along the bypass tunnel path), then the backup LSP Path messages generated by the Point of Local Repair (PLR) are encoded incorrectly causing the Merge Point (MP) to reject the backup LSP Path messages.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1402260 The mspmand process might crash with lots of error logs seen in high scaled MX platforms with MS-MPC/MS-MIC
 
On MX platforms with MS-MPC/MS-MIC, if "services-options tcp-tickles" is enabled for the Transmission Control Protocol (TCP) traffic which needs TCP tickles packets, when there are high scale of application sessions and traffic loaded (e.g. 200K sessions), there might be lots of error logs observed, together with the service interface flapping and the mspmand process crash.
PR Number Synopsis Category: MPC7/8/9 chassis issues
1380183 MQSS errors might cause FPC restart.
 
On EX9200, MX platforms with MPC7E/8E/9E, and MX204/MX10003/MX10008/MX10016, a physical interface link that flaps continuously might cause MQSS errors, which might cause the FPC to restart for fault handling; packet drops might be seen during the self-recovery process.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1402345 The MPC might crash due to CPU overuse by dfw thread.
 
When a large amount of packets hit the firewall filter term action 'syslog' and a thread hogs CPU for more than 4 minutes, the MPC might crash.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1362934 Newly elected DF does not resume BUM traffic forwarding until ~90 seconds after BDF stops forwarding on MX series
 
With 17.3R3 on MX series, on moving from the baseline configuration to EVPN scaled (4000 VLANs) config with multihoming, the newly elected designated forwarder may take up to 90 seconds to resume forwarding BUM traffic. The time required for convergence is proportional to the scale used, so a lower scale incurs a smaller dark window. Workaround for faster convergence with high scale: Distributing the configuration across several FPCs can potentially bring down the BUM traffic drop from 90 seconds to a significantly lower value.
1369365 Inter-VN and Intra-VN traffic between PEs is suspected to be affected when LT interface is used with the family bridge in service provider or enterprise style configuration
 
Inter-VN and Intra-VN traffic between PEs is suspected to be affected ONLY when LT interface is used with the family bridge in service provider or enterprise style configuration.
PR Number Synopsis Category: PFE on Aggregation Device
1352827 v44: Partial ingress traffic is mirrored after AD/SD reboots.
 
Partial ingress traffic can be mirrored on V44 setup with few triggers, like AD/SD reboot, configuration reboot of traffic generator connected to SDs etc. Flap of mirror output interface resolves the issue.
PR Number Synopsis Category: Virtual Private Networks - rpd
1356763 Junos OS: The routing protocol process (rpd) may crash and generate core files upon receipt of specific valid BGP states from a peered host. (CVE-2019-0059)
 
A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device.
Modification History:
Updated due to internal review 2020-03-05
First publication 2019-02-15