Knowledge Search


×
 

18.1R3-S4: Software Release Notification for Junos Software Service Release version 18.1R3-S4

  [TSB17544] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, SRX, NFX, VMX, VRR, Network Agent
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.1R3-S4 is now available.

The following are incremental changes in 18.1R3-S4.

 
PR Number Synopsis Description
1132770

Ping does not go through device after WTR timer expires in ERPS scenario

On EX4300 series switches in Ethernet Ring Protection Switching (ERPS) scenario, control plane might assign more than one STP instance to a VLAN on ERPS ring after system reboot, this will cause Ping packets forwarding issue.

1232178

The RE-PFE out-of-sync errors might be seen in syslog

When a configuration that moves the Packet Forwarding Engine offline and another configuration that brings the Packet Forwarding Engine back online are committed in quick succession, out-of-synchronization syslog errors might occur. Most of the time these are benign errors, but sometimes these errors might result in Packet Forwarding Engine crash.

1286709

The 1G copper module interface shows "Link-mode: Half-duplex" on QFX10000 line platforms

On QFX10k Series platforms (QFX10002, QFX10008, QFX10016), the 1G copper module interface on 10G line card (QFX10000-60S-6Q) incorrectly displays with 'Link-mode: Half-duplex'.

1350733

lt- interface gets deleted with tunnel-services configuration still present.

When tunnel interface is used as anchor-port in pseudo-wire services, while deleting the set interface config causing the tunnel-services interface to get deleted. Deleting pseudo serives alone will not have an effect on tunnel-services interfaces.

1369731

Some harmless log messages are suppressed on the backup SPMB.

Unsuccessful connection attempts will not be logged on the backup SPMB.

1372875

kernel and ksyncd core after dual cb flap at rt_nhfind_params: rt_nhfind() found an nh different from that onmaster 30326.

A scaled gnf may dump live kernel cores, as well as a ksysncd core on the BU RE, when recovering from a BSYS reboot (or a disconnection and reattachment of all 4 external control board connections).

1373803

Login lockout might never expire because the timestamp of "Lockout start" and "Lockout end" are same

Because the timestamp of "Lockout start" and "Lockout end" are same, even after the lockout period is expired, the user might be locked out permanently from logging in.

1375332

RIPv2 update packets might not send with IGMP snooping enabled

RIPv2 update packets might not send with IGMP snooping enabled. It might cause the RIP protocol not to come up.

1377447

Debug log message, "expr_nh_flabel_check_overwrite: Caller nh_id params", classified as Error Log when it should be LOG_INFO.

Debug logs are printed as error logs in /var/log/messages. Debug log message, "expr_nh_flabel_check_overwrite: Caller nh_id params", classified as Error Log when it should be LOG_INFO

1379433

DNS requests with EDNS options might be dropped by DNS ALG

On SRX platforms with DNS ALG enabled, the DNS requests with Extension mechanisms for DNS (EDNS) additional options might be dropped by DNS ALG.

1380600

The routes learned over an interface will be marked as "dead" next-hop after changing the prefix-length of IPv6 address on that interface

If an interface is configured with 128 prefix length for IPv6 address, the route learned over that interface might be marked as "dead" next-hop after the prefix length is changed from 128 to any other prefix length.

1381446

Traffic blackhole caused by FPC offline in MC-LAG scenario

On a Junos device in the multichassis link aggregation group (MC-LAG) scenario with integrated routing and bridging (IRB) interface and enhanced-convergence enabled, if the MC-LAG has only one member link, after taking offline the FPC hosting that member link and then clearing ARP, the traffic which is expected to egress the interchassis link (ICL) might get dropped, due to the nexthop being incorrectly set as Discard by code in Junos kernel.

1383642

In a Junos Fusion (MC-LAG based) deployment with dual Aggregation Devices (ADs) and dual-homed Satellite Devices (SDs) it may be possible for SDs to get into a state where LACP will not transmit to attached end/client devices.

When a Satellite Device (SD) boots up (powered on) it receives the SD configuration file from the Aggregation Devices (ADs). If the SD is configured to be dual-homed to both ADs (connections from one SD to both AD1/AD2) it will receive a configuration file which instructs the SD to communicate to both ADs. If one of the ADs is offline at the time the SD receives the configuration file specifying AD Redundancy then the SD will not be able to properly transmit LACP PDUs until it communicates and synchronizes with both ADs as specified in the received configuration.

1384929

MPLS LSP will keep down state due to routing loop detection after flapping link between P router and egress PE.

MPLS LSP will keep down state due to routing loop detection after flapping link between P router and egress PE under setting "expand-loose-hop" knob to the P router.

1385454

The packets drop might be seen in lower priority queues on PTX-Series or QFX10000-Series platforms.

On all PTX-Series or QFX10002/QFX10008/QFX10016 platforms with CoS deployed, all the physical member interfaces of Aggregated Ethernet (AE) might drop the packets in lower priority queues when micro-bursts are received. These micro-burst are typically due to the speed differential between ingress interface (e.g. 100G) and egress interface (e.g. 10G). Typically it occurs when a large burst of high priority traffic and lower priority traffic arrive simultaneously.

1386768

Changing the value of mac-table-size to default may lead all FPC to reboot

If the value of mac-table-size of a given VLAN which is carrying traffic is changed to default, then the layer 2 forward table ( IFL-List ) needs to be re-associated with Flush-List which keeps the newest MAC list pushed by the Route Engine ( RE ), then the IFL-List must be deleted for this re-association. However, when the MAC entries are deleted, their flags might still remain in the IFL-List, that causes the MAC deletion failure, also the update of the Flush-List might get stuck. Consequently, all FPC might reboot.

1388211

Unicast DHCP request get misforwarded to backup RTG link on EX4300-VC

Issue can be seen with the following setup: on no 1. EX4300-VC 2. Using Redundant Trunk Group 3. DHCP traffic being snooped by RE 4. Active RTG link on non master RE member.

1388290

IPsec IKE keys are not cleared when delete/clear notification is received

IPsec IKE keys are not cleared when delete/clear notification is received from the peer on GRES enabled device.

1388479

Certain log messages might be observed on QFX platforms

On QFX platforms, when Power budgeting is executing, log message "PEM power status has changed, run power budget again" might be seen.

1388811

ARP received on SP-Style interface not sent to all RVTEPs in case of QFX5100 VC only, normal BUM traffic works fine

ARP received on SP-Style interface not sent to all RVTEPs in case of QFX5100 VC only, normal BUM traffic works fine

1389809

jlock hog reported at restart routing

In a scaled configuration its possible that a jlock_hog can be reported in the syslog after a restart routing. This message is informational and indicates contention for RPD resources.

1392575

On QFX10K switches, wrong destination MAC addresses starting with 45 might show up when using the "show arp hostname" command

On QFX10K switches, wrong destination MAC addresses might show up when using the "show arp hostname" command

1393405

Interface flaps on an EX3400VC causes interface generated IGMP query packets 224.0.0.1 to be sent to all the members ports, except the master fpc.

EX3400VC - When an interface in a VC-member switch which is not master, is flapped, IGMP query packets 224.0.0.1 are sent to all the members ports except the master fpc. This causes the interface mac for the flapped interface to be learned upstream.

1393628

10G copper link flapping might happen during TISSU operation of QFX5100-48T switches

On QFX5100-48T switches, when doing TISSU (Topology Independent In-Service Software Upgrade) operation, link flaps on 10G copper interfaces might be observed on the peer device. These flaps might cause unexpected failover of the connected PC/servers, which results in service impact.

1395620

DCD crashes on deleting the sub interface from VPLS routing-instance when the same sub interface is also part of Mesh-group

An interface which is part of VPLS routing-instance and also configured in mesh-group, if deleted from the routing-instance first and then from mesh-group and these changes are done at at time (single commit) then DCD might crash. First, interface from routing-instance is deleted successfully however deleting from mesh-group is leading to the crash. With the fix of the PR this change is handled properly.

1396935

Provide user choice whether to drop a core when we'd normally soft core.

The JUNOS RPD daemon has facilities to attempt to trap certain classes of non-fatal bugs by continuing to run, but leaving a "soft" core file. Leaving a soft core is intended to be non-disruptive to routing and forwarding. This PR implements a mechanism by which users may disable soft cores being generated.

1397325

The BUM traffic might not be flooded in EVPN-MPLS scenario

In EVPN-MPLS (Ethernet VPN - Multiprotocol Label Switching) scenario with bridge-domains used, any configuration change which causes a BD (Bridge Domain) reincarnation (e.g. change of vlan-id-list under bridge-domains) might break the flooding of BUM (Broadcast, Unknown-unicast, Multicast) traffic. The issue leads to BUM traffic loss. All services that relying on BUM traffic might be impacted.

1398000

BGP DMZ LINK BANDWIDTH - not able to aggregate bandwidth , when applying the policy

Due to the lack of initialization of a stack variable in our BGP protocol implementation, the location where the link-bandwidth aggregation limit is stored may be populated with a non-deterministic value. During the calculation of link-bandwidth aggregation value, if the value stored for link-bandwidth aggregation limit is non-zero, that value will be used as the link bandwidth aggregate value. Because of this, it will appear that link-bandwidth aggregation is not operating correctly.

1398362

MPLSoUDP tunnels do not come up on interface route - dyn_tunnel_fwd_route_eligible - reason: nexthops type is interface

MPLSoUDP tunnels do not come up on interface route - dyn_tunnel_fwd_route_eligible - reason: nexthops type is interface

1398502

All FPC reset after routes churn. jlock hog reported: jlock acquired for 1328 msecs

FPC reset might be observed in the following scenarios on a scaled setup: - IGP flap (carrying multiple lsp) - and/or- - clearing multiple MPLS LSP or any similar event causing churn in router

1398888

In 13.3R9.13, firewall filter action, "decapsulate gre", decapsulates gre, ip-over-ip and ipv6-over-ip, but in 17.3R3.9, it only decapsulates gre.

The feature fbt based "gre decap" used to decap GRE, IPIP and IPIPV6 traffic till 16.1 . Later PR-1226830 changed this behavior and allowed only the decapsulation of GRE based traffic. This can cause issues in some customer deployment on newer release upgrade where "gre decap" option was used to decap the IPIP and IPIPv6 traffic as no decap support of IPIP/IPv6 The fix in this PR reinstates the older behavior and makes sure GRE decap option decapsulates the additional IPIP and IPIPv6 traffic apart from Gre.

1399575

EX3400 might not learn 30K MAC address during putting mac learning traffic

When sending 30K mac source traffic EX3400 might not learn 30K MAC address and the l2alm process is spiking.

1399864

EX4300 oam lfm not working on extended-vlan-bridge interface with native vlan

OAM lfm not work on the interface with extended-vlan-bridge and native vlan configuration.

1400380

PEM I2C Failure alarm might be showed incorrectly as failed

PEM I2C Failure alarm might be showed incorrectly as failed due to I2C transaction failure.

1400597

The mgd-api crash due to memory leak

Memory leak in mgd-api then core dump.

1401026

Static demux0 logical interfaces do not come up after config change if underlying interface is et.

Static demux0 logical interfaces do not come up after config change if underlying interface is et ( 100 GE ). After config change et interface gets flushed in order to reparse the config. During this DCD miss to create the dependency between demux0 logical interfaces and underlying et interface which results in flushing off the demux0 logical interfaces. This issue will be seen only if underlying interface is et. For all other interfaces this has been already taken care. This is day one issue. Workaround for this problem is Restarting DCD (or the entire RE reboot), clears the problem or else use 'commit full' instead of commit while committing new config.

1401802

JUNOS BNG Around 5sec packet drop after increase metric active interface of MoFRR configuration

In scenarios when, Standby Path is selected same a MoFRR_Backup Path, we tend to re-trigger MoFRR Backup Path selectio, therefore the MoFRR Backup and Standby path does not remain same, which sends out Prunes on the old_MoFRR_Backup path and also cancels the Triggered/Periodic joins on that interface which leads to traffic loss.

1401854

JET authentication does not work for usernames and passwords of certain lengths.

The authentication module for JET RPCs and Telemetry fails in authenticating usernames or passwords of certain lengths. Hence the users will be unable to execute JET APIs or Junos Streaming Telemetry.

1402175

ATT Whitebox: 'show evpn instance extensive esi' command does not filter output by esi (ATTip45090 )

To filter and see the output of desired ESI or neighbor information of an evpn instance, created two new choices namely "show evpn instance <> esi-info esi <>" "show evpn instance <> neighbor-info neighbor <>".

1403729

Syslog message is seen whenever prefix sid coincides with the node sid

In segment routing scenario, syslog message is seen whenever prefix sid coincides with the node sid. These logs are causing confusion and incorrectly reports duplicate node segment ID duplication. There is no service impact.

1404038

MX-VC VMCORE seen on both VC-MM and VC-BM.

MX-VC VMCORE seen on both VC-MM and VC-BM.

1404088

Incorrect mem stat message is seen in FPC logs of PTX Type 1 FPC

Incorrect mem stat message is seen in FPC logs of PTX Type 1 FPC

1404089

With MS-MPC and MS-MIC service cards SYSLOG messages for port block interim may show 0.0.0.0 for the private-IP and PBA release messages may show the NAT'd IP as the private IP.

With MS-MPC and MS-MIC service cards syslog messages for port block interim may show 0.0.0.0 for the private-IP and PBA release messages may show the NAT'd IP as the private IP. These rare events that only occur when the EIF/Endpoint Independent feature is enabled and should not be seen often. All PBA allocation messages will be accurate so there will be a way to correlate the incorrect SYSLOG messages still with the correct private IP.

1405168

EX4300: Traffic drop may be seen on EX4300 uplink module ports when using 1 Gigabit Ethernet SFP optics with AutoNegotiation enabled.

When a EX4300 send traffic out on 1G SFP ports on uplink modules, the traffic will get dropped in PFE when AutoNegotiation is enabled. By default AutoNegotiation is enabled on 1G SFP ports on the uplink modules. This issue is fixed in 17.3R3-S4 onwards.

1405876

MPC might core dump after restarting FPC that belongs to targeting AE and host subscribers

MPC might core dump after restarting FPC that belongs to targeting AE and host subscribers

1407765

NPC core after daemon restart in jnh_get_oif_nh ( ) routine

During LNS subscriber with COS bring down PFE core may be observed if the corresponding pseudo IFL got deleted before this flow from PFE. Generally Pseudo IFL will get deleted only when all the subscribers using this pseudo IFL goes down. So it is IPC ordering issue which is resulting in NPC core. This is not observed during normal bring up and down of LNS subscribers. It is observed when subscriber bring up/down is coupled with daemon restarts.

1407775

Log messages "dot1xd[]: task_connect: task ESP CLIENT:...: Connection refused" might be reported in Junos 17.4 or later

Messages like the following can appear in log message on devices running Junos 17.4 or later: dot1xd[7683]: task_connect: task ESP CLIENT:33001.128.0.0.1+33001 addr 128.0.0.1+33001: Connection refused dot1xd[7683]: task_connect: task ESP CLIENT:33001.128.0.0.1+33001 addr 128.0.0.1+33001: Connection refused .. The message is cosmetic and can be ignored/filtered out.

1408012

The PFE might get disabled unexpectedly due to a auto correctable non-fatal hardware error on PTX or QFX10002/QFX10008/QFX10016

On PTX or QFX10002/QFX10008/QFX10016, a auto correctable non-fatal hardware error on PE chip (which is ASIC on PTX1000, PTX10002, QFX10002, the third-generation FPC on PTX3000/PTX5000, and the Line card on PTX10008/PTX10016/QFX10008/QFX10016) is reported as 'FATAL' error and hence the related Packet Forwarding Engine (PFE) will get disabled. The code changes have been made to change the error category from 'FATAL' to 'INFO' to avoid the PFE to be disabled unexpectedly.

1408058

Traffic forwarding failed when crossing VCF members

In VCF scenario, if one member of the VCF reboot, when transit unicast traffic across non-directly connected VCF members, traffic forwarding might fail.

1408161

DHCP discover packets getting dropped over VXLAN tunnel on a pure L2 vlan when DHCP relay is enabled for other vlans

DHCP discover packets getting dropped over VXLAN tunnel on a pure L2 vlan when DHCP relay is enabled for other vlans

1408168

Group VPN (GVPN): ToS/DSCP byte is not copied into the outer IPSec header during IP header preservation

With this fix, the following IP header fields of an unencrypted datagram are copied into the transport header: ToS/DSCP, TTL.

1408380

Fan failure alarms might be seen on QFX5100-96S after 17.3R1

On QFX5100-96S, from 17.3R1 release, fan failure alarms might be seen.

1408443

The rpd crashes on static route configuration for multicast source

In multicast routing scenario using PIM, if configuring static route with qualified-next-hop for multicast source, process rpd might crash. This is because qualified-next-hop points to GF_DLI (Gateway Family Data Links) address which PIM is unable to process, resulting in the crash.

1408974

The kmd process might crash on MX/ACX platforms when IKEv2 is used

On MX/ACX platforms, when IKEv2 is used for IPsec VPN and Dead Peer Detection (DPD) is enabled, if IKEv2 rekey interval is very short (about 6-7 minutes), the kmd process might crash, it will lead both VPN peers to tear down the tunnel.

1409398

MX-Service templates are not cleaned up

MX-Service templates are not cleaned up

1409631

Restarting line card on QFX10008/10016 with MC-LAG enhanced-convergence may cause intra-vlan traffic to go a black hole

On QFX10008/10016 platforms, when the FPC come online after a restart, the intra-vlan traffic ingressing on the AE interface might be permanently lost if MC-LAG enhanced-convergence is configured and there is only one member link in MC-LAG is on other FPC.

1410465

When using SFP+, the Interface optic output might be non-zero even the interface has been disabled

When using SFP+, the Interface optic output might be non-zero even the interface has been disabled

1410553

Race conditions during BGP peer establishment causes rpd crash

On all Junos platform, if BGP (Border Gateway Protocol) is configured, and the transport error occurred during BGP peer establishment (e.g. TCP handshake has been completed but the BGP session has not been setup), it might lead to the rpd process crash. It's a rare timing issue due to race condition.

1410970

DMAC problem of IRB interface for traffic over the l2cuircuit

For LT interfaces packets in TX path missing 4 bytes in l2 header

1411179

Extended ports in JFE do not adjust MTU when VoIP is enabled

In Junos Fusion Enterprise (JFE) setups, Voice over IP (VoIP) enabled extended ports on satellite devices (SD) are set to the default Maximum Transmission Unit (MTU) of 1514 bytes. Due to this, the maximum data size is limited to 1468 bytes beyond which packets are dropped with MTU errors (when DF bit is set).

1411376

Kernel replication failure might be seen if an ipv6 route next-hop points to an ether-over-atm-llc ATM interface

If an ipv6 route next-hop points to an ATM interface with encapsulation ether-over-atm-llc, after performing or re-enabling the graceful routing engine switchover, the ksyncd core and vmcore might be seen and the kernel replication might fail, which results in non-synchronization status of routing protocols on both REs.

1412322

MX10003: Rpd crash with switchover-on-routing-crash doesn't trigger RE switchover and the rpd on master RE goes into STOP state

If the rpd (routing protocol daemon) crashes with 'switchover-on-routing-crash' knob enabled on MX10003 platform, the RE switchover might not happen and the rpd on master RE goes into STOP state. All protocols go down and the rpd remains in STOP state until manual recovery is done.

1412534

Family inet of the unnumbered interface might be getting deleted when deleting one of the IPs of the binding interface

When an unnumbered interface is binding to an interface which has more than one IP address and one of the IPs is deleted, the family inet of the unnumbered interface might be getting deleted. The issue results in traffic loss for all the services that rely on the family inet of the unnumbered interface. Configure preferred-source-address on the unnumbered interface will prevent deletion of the IP hence avoiding the deletion of the family inet of the unnumbered interface.

1413807

Number of inet-arp policers implemented on ACX 5k has been increased from 16 to 64

Number of inet-arp policers is increased from 16 to 64 for ACX5K.

1414021

The CPU utilization of the rpd process is stuck at 100% if BGP multipath is configured

In BGP with the indirect next-hop scenario, if uRPF or route record is enabled, and then enable BGP multipath, a background job loop might be formed and the CPU utilization of rpd process might be stuck at 100%.

1414092

jpppd core dump on LNS

jpppd core dump on LNS

1414496

With arp-suppression enabled, QFX5K/EX46 may not forward IPv6 Router Solicitations or Advertisements packets.

In Vxlan scenario, when arp-suppression enabled on QFX5K/EX46 platforms, the device may not pass IPv6 router Solicitation and Advertisements packets.

1414706

Firewall filters are not getting programmed into PFE

In the subscriber environment, if the client profile has no filters while the service profile has filters, after a subscriber login, the ifstate compression might be seen when deleting the current filters and then adding a different filter. When this occurs, the firewall filter might be corrupted.

1414965

LDP Native IPv6 loopback remains in inet6.3 after removing IPv6 address from core interface

LDP IPv6 interface would not come up without IPv6 interface address configured.

1415042

The user might not enter into configure mode due to mgd is in lockf status

If "commit confirmed xx" is executed, and then the following up commit which is issued at the cusp of expiration of the first commit confirmed time period, a race condition and rollback might be hit. At last, it may cause the mgd process to be in lockf status. Thus, the user might not enter into configure mode anymore.

1415224

PCE Initiated LSPs get deleted from PCC if PCEP session goes down and gets re-established within "delegation-cleanup-timeout" period

PCE Initiated LSPs get deleted from PCC if PCEP session goes down and gets re-established within "delegation-cleanup-timeout" period

1415450

VXLAN Encapsulation nexthop (VENH) doesnt get installed during BGP flap or restart routing.

During BGP flap, route delete and route add request to RPD might get compressed which results in VXLAN DB not getting updated with right unicast NH to stitch it with VENH. So VENH will not having unicast NH to forward the traffic. This can be seen using nhinfo in kernel or "show nhdb id <> recursive" in FPC VTY.

1415769

QFX5100 is not forwarding the traffic that is triple tag if the software version is above 14.1X53-D27

14.1X53-D35

1415898

swap memory is not initialized on boot on ACX5048

Swap memory is not initialized by default on boot. This can be verified by "show system process extensive" output. Example: Mem: 488M Active, 166M Inact, 433M Wired, 648M Cache, 69M Buf, 114M Free Swap: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> No swap memory After the fix of this PR swap memory will be initialized on boot. Mem: 508M Active, 166M Inact, 434M Wired, 648M Cache, 69M Buf, 92M Free Swap: 1106M Total, 1106M Free >>>>>>>>>>>>>>>>>>>>>>||$$ initialised

1415922

The bbe-smgd process might have memory leak while running "show system subscriber-management route route-type <> routing-instance <>"

On MX platforms enabled with enhanced subscriber management, if the route-type and the routing-instance are used at the same time, there might be memory leak in the bbe-smgd process while running the command "show system subscriber-management route route-type <> routing-instance <>".

1416016

L2TP LAC may not tunnel static PPP subscriber when add/change interface events for related PPP logical interface comes in a short time interval

In some rare situations due to interface event message compressing a static pp0 logical interface may not be added in the jl2tpd database causing inability to tunnel a subscriber over that interface to L2TP LNS. In that case logs: Feb 15 12:55:44.508952 processIflChangeEvent: entry does not exist for pp0.1680 ifl index = 2561 Feb 15 12:56:02.629603 sendTunnelResp: NACK for sdbId = 4567611, iflIndex = 2561, sessionStartTime = 0, tunnelUid = UID null will be seen in the jl2tpd traceoptions.

1416516

LDP route missing in inet.3 when enable TI-LFA loose node protection on LDP-SR stitching node

When LDP has a LDP-SR stitching route present because of mapping client,in that scenario, LDP ignores other routes received from the flash in inet.0 table. To solve this problem, we re-flash the inet.0 routes when SR mapping client route is going away. However in case where LDP is deleting the nexthops while deleting theroute, LDP mapping client status is not correctly identified & as a result the re-flash of inet.0 route is missed. Fix is to re-flash the inet.0 route if route is a SR mapping client route & it's nexthops are getting cleaned up.

1417186

The ECMP fast reroute protection feature might not work on MX5/10/40/80/104

The Equal Cost Multipath (ECMP) fast reroute protection feature (which is enabled via 'routing-options forwarding-table ecmp-fast-reroute') might not work on MX5/10/40/80/104.

1418425

Traffic loss could be seen for duration of hold-time down timer when flapping an interface with hold-time down timer configured

On PTX with FPC3 installed, traffic loss could be seen for duration of hold-time down timer when flapping an interface with hold-time down timer configured.

1418444

RE CPU utilization is high and eventd is consuming a lot of resources

RE CPU utilization goes high with eventd consuming most CPU resource when the sampling is configured.

1418705

Syslog filtering(match "regular-expression" knob) doen't work if each line of /etc/syslog.conf is over 2048 bytes.

If each line of /etc/syslog.conf is above 2048 bytes, syslog match filtering doesn't work for local syslog files or remote syslog servers. e.g. for filtering "show system uptime" interactive command.But above 2048 byte of syslog.conf entry, "show system uptime" is logged. set system syslog file messages any any set system syslog file messages match "!(aaaa~~~~snip~~aaaa|show system uptime)" root@:/var/home/labroot # cat /etc/syslog.conf *.*;daemon.* /var/log/messages % +regex="!(aaaa~~~snip===|show system uptime)" <-----if each line of syslog.conf is more than 2048, it will fail to filter the logs.

1418960

PPPoE compliance issue with RFC2516, the MX allows PPPoE session-id 65535.

PPPoE compliance issue with RFC2516, the MX allows PPPoE session-id 65535.

1419541

MX can encounter CPU spikes on Service PIC when bringing up an IPsec peer against a DEP/NAT-T setup due to KMD injecting a 0.0.0.0/0 route.

MX can encounter CPU spikes on Service PIC when bringing up an IPsec peer against a DEP/NAT-T setup due to KMD injecting a 0.0.0.0/0 route.

1419816

The jdhcpd process might consistently run at 100% CPU and not provide service if the 'delay-offer' is configured for DHCP local server

If the 'delay-offer' is configured for DHCP local server, the jdhcpd process might consistently run at 100% CPU because the delay-offer implementation might cause the jdhcpd to get stuck in a recursive loop during the timer event processing. Due to the degraded jdhcpd process, the DHCP clients might not get connected and serviced, and the operations like clearing DHCP bindings or running DHCP CLI commands might fail.

1420294

ARP entry still pointing to failed VTEP after PE-CE link failure for multihomed remote ESI

In EVPN/VXLAN scenario, if PE-CE link failure for multihomed remote ESI, the ARP entry might still pointing to failed VTEP interface.

1420976

op url command can't run a script with libs from /config/scripts

op scripts with libs import may fail to run with op url command and "load-scripts-from-flash" knob configured

1422171

IPsec SA may not come up when the Local gateway address is a VIP for a VRRP configured interface.

IPsec SA may not come up when the Local gateway address is a VIP for a VRRP configured interface.

Related Links: