Knowledge Search


×
 

18.3R1-S4: Software Release Notification for Junos Software Service Release version 18.3R1-S4

  [TSB17589] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, PTX, MX, QFX, vMX, vRR, NFX, SRX, vSRX
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.3R1-S4 is now available.

PRs found and not fixed in 18.3R1-S4

PR Number Synopsis Description
1442376 EX2300 platforms with some specific releases might stop forwarding traffic or responding to console On EX2300/EX2300-C/EX2300-MP platforms, if Junos software is with FreeBSD kernel version 11 with the build date on or after 2019-02-12, the switch may stop forwarding traffic or responding to console. A reboot is required to restore the service.
     

 

The following are incremental changes in 18.3R1-S4.

 
PR Number Synopsis Description
1337304

Junos OS: RPD process crashes when BGP peer restarts (CVE-2019-0049)

Junos OS: RPD process crashes when BGP peer restarts (CVE-2019-0049); Refer to https://kb.juniper.net/JSA10943 for more information.

1337340

On QFX5100 platforms, LR4 QSFP can take up to 15 min to come up after VC reboot

On QFX5100 platforms, LR4 QSFPs might take take longer to come up than others (up to 15 minutes). This is a intermittent occurrence.

1399214

ACX5448: Not able to configure Bridge Domain more than 1024, Using 100G and AE interface in BD.

BD scale limit beyond 1024 is not available in this release.

1405956

QFX5120 : In VxLAN-EVPN configuration , transition from collapsed to non-collapsed L2/L3 GW and vice versa needs switch reload

On a QFX5120 system Transition from VXLAN/EVPN collapsed to non-collapsed L2/L3 GW and vice versa needs switch reload due to stale source vtep IP.

1406502

IGMP-snooping on EVPN-VXLAN might impact OSPF hello packets flooding after VTEP leaf reboot

In EVPN-VXLAN (Ethernet VPN - Virtual Extensible LAN protocol) scenario, if IGMP-snooping (Internet Group Management Protocol) is configured, OSPF (Open Shortest Path First) hello packets flooding might be broken after the VTEP (VXLAN Tunnel Endpoint) reboot. After the reboot, OSPF hello packets are received by the VTEP, but they might be no longer flooded out. The issue results in OSPF neighbor down which leads to traffic loss.

1418955

Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device.

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a Denial of Service (DoS) attack.

1419533

Junos OS: OpenSSL Security Advisory [26 Feb 2019]

The OpenSSL project has published a security advisory for a vulnerability resolved in the OpenSSL library on February 28, 2019. Refer to https://kb.juniper.net/JSA10949 for more information.

1419731

The route-filter-list with non-continuous match might not work as expected after being updated

When route-filter-list is updated, the deletion of older router-filter-list is not taking effect. This results in both new and old router-filter-list presenting in the tree.

1419826

The 100G PSM4 optics connected ports go down randomly during a repeated power cycle

The 100G PSM4 optics go to a state where the link does not come up during a repeated power cycle on QFX5120 Series platforms. This issue happens more frequently when in a negative temperature environment (below -5 degrees Celsius).

1420785

Ping fails over Type-5 tunnel on IRB interfaces under EVPN-VXLAN scenario

On EVPN-VXLAN scenario with Type-5 route used, if ping Type-5 destinations over IRB interfaces, it might fail and packets are all dropped. The reason is that ethernet header is not added into packet to be encapsulated. And this incomplete ICMP ping packet is VXLAN encasulated, which causes failure.

1421110

QFX5120-32C: DHCP binding on client might fail when QFX5120-32C acting as DHCP server, this is seen only for channelized port

QFX5120-32C: DHCP binding on client might fail when QFX5120-32C acting as DHCP server, this is seen only for channelized port. For non channelized port (40G or 100G), this issue is not seen.

1422920

Traffic loss when one of logical interfaces on LAG is deactivated or deleted

If SP style config is used in EX4300, deactivated or deleted one of logical interfaces on LAG would cause traffic failure passing through the same LAG interface. Using EP style config will be a workaround.

1423339

Error seen on vmx with fpc0 ntpd[1040]: frequency file /var/lib/ntp.drift.TEMP: Permission denied

Due to incorrect file authority setting, below error may show up in the log every hour. ntpd[1040]: frequency file /var/lib/ntp.drift.TEMP: Permission denied

1423705

ON QFX5120-32C , BUM traffic coming over irb underlay interface gets dropped on destination vtep in PIM based VxLAN

BUM traffic coming over irb underlay interface gets dropped on destination VTEP in PIM based VxLAN

1423858

On MX204 Optics "SFP-1GE-FE-E-T" I2C read errors are seen when an SFP-T is inserted into a disabled state port

MX204 supports SFP "SFP-1GE-FE-E-T" from some releases. I2C read errors are seen when an SFP-T is inserted into a disabled state port, configured with "set interface <*> disable" cli command. [M LOG: Err] smic_mx1ru_8xsfpp_mpcs_i2c_read: - SFPP set start_addr failed [M LOG: Err] I2C Failed device: group 0x812 address 0x56 [M LOG: Err] mpcs_i2c_single_io: MPCS(0) ctlr 2 group 2 addr 0x56 prio 1 flags 0x0 failed status 0x1 [M LOG: Err] smic_mx1ru_8xsfpp_mpcs_i2c_read: - SFPP set start_addr failed [M LOG: Err] I2C Failed device: group 0x812 address 0x56 [M LOG: Err] smic_sfpp_ext_phy_get_linkstate: SMIC(0/1) - SFPP ext phy read failed [M LOG: Err] smic_phy_periodic DFE tuning failed for xe-0/1/2 [M LOG: Err] smic_periodic_raw: SMIC(0/1) - Error in PHY periodic function

1424090

All interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210

On QFX5210 platform starts from Junos 18.1R1, all interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210. All service will be impacted as all interfaces are down.

1424284

The traffic loss might start after deleting IRB logical interface

On QFX5000 and EX4600 platform with multiple IRB logical interfaces configured, after deleting one of the IRB logical interfaces, packets destined to other IRB logical interfaces where MAC is not configured will get impacted.

1424626

Traffic drop might be seen after link flaps on vMX platforms

On vMX platforms, the link flapping for the ixgbe interface might trigger PF (Physical Function) to reset for ixgbe, but the VF (Virtual Function) reset will not be done. The issue results in traffic drop for the interface.

1424647

QFX5120 QSFP-100G-PSM4 become undetected and come back up as channelized interfaces

When using QSFP-100G-PSM4 transceiver on QFX5120, there is a possibility that after leaving setup idle more than 10 days, the port might not be available as it goes to channelized state and gets stuck there.

1425231

The rpd will crash continuously if MD5 authentication on any protocols is used along with master-password

On all junos platforms running 64-bit mode rpd, the rpd will crash continuously if MD5 authentication on any protocols (like MD5 authentication for BGP/ISIS/OSPF) is used along with master-password.

1426349

Interfaces may come to down after device reboots

On MX204/SRX4600/EX9251 platform, interfaces with the parameter "speed 1g" configured may come to down after device reboots, this is a timing issue and reproduced after about 50 reboots in the test.

1428113

QFX5120-48Y/EX4650-48Y: Interface with optic "QSFP-100GBASE-ER4L" is not coming up in "18.3R1-S2.1"

As part of PR 1410687 changes, behavior was modified to use sequential FPGA access even for single byte EEPROM reads while accessing QSFP transceiver EEPROM via FPGA hardware on QFX5120-48Y/EX4650-48Y. This exposed an issue in vendor driver code due to which high power optics like ER4L and LR4-T2 do not get powered on correctly and hence link does not come up for these optics. The issue is addressed in this fix.

1429536

DHCP-relay may not work in an EVPN-VxLAN scenario

On QFX5110 platforms with an EVPN-VxLAN setup, DHCP-relay may not work if the DHCP server is reached via the routes learnt through EVPN type-5 routes.

1430327

[evpn_vxlan] [default_switch_instance] Onyx - In Collapsed VGA4 script ping on shared ESI R6 to R7 irb address is failing

Sometime when the irb is trying to broadcast an arp request, the arp request may not go out of the chip due to sdk bug, which may lead to arp failure in QFX5120.

1433918

Ping fails over Type-5 tunnel on IRB interfaces under EVPN-VXLAN scenario

On EVPN-VXLAN scenario with Type-5 route used, if ping Type-5 destinations over IRB interfaces, it might fail and packets are all dropped.

1436494

Traffic drop might be seen after deactivate/activate "class-of-service"

On ACX5448 box, after issuing deactivate/activate "class-of-service", traffic drop might be seen.

Modification History:
Updated 2019-10-29 to include PR1442376 in the "Known Issue" section
First publication date 2019-06-07
Related Links: