Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.4R1-S8: Software Release Notification for Junos Software Service Release version 17.4R1-S8



Article ID: TSB17590 TECHNICAL_BULLETINS Last Updated: 18 Jun 2019Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts

Junos Software service Release version 17.4R1-S8 is now available.

The following are incremental changes in 17.4R1-S8.

PR Number Synopsis Description

The incorrect error number might be reported for syslog messages with the prefix of %DAEMON-3-RPD_KRT_Q_RETRIES

Syslog messages with the prefix of "%DAEMON-3-RPD_KRT_Q_RETRIES:" might report an incorrect error number.


Momentary traffic loss may happen when a GRES is performed

During performing Graceful Routing Engine Switchover (GRES), in rare condition, momentary traffic loss may happen, which last about 10 sec.


The kernel crash might be observed when there is a firewall filter modification

In firewall scenario, when the apply-path statement is used to expand a prefix-list pointed to a defined path, if any configuration modification causes the prefix-list changes, in a rare condition, the kernel crash might happen. Traffic disruption might be seen if NSR (Nonstop active routing) is not used during the crash.


The rpd may crash in BGP LU and LDP scenario

In Border Gateway Protocol (BGP) labeled-unicast (LU) scenario, when labeled BGP route leaked into Label Distribution Protocol (LDP) using the LDP egress policy and either "set protocols mpls traffic-engineering mpls-forwarding" or "bgp-igp-both-ribs" is configured, after the BGP route get deleted in one routing table (either inet.3 or inet.0), the LDP may spin to allocate and deallocate label until it runs out of labels. This will cause an RPD crash.


QFX5000 Series EX4300 EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process (CVE-2019-0008)

QFX5000 Series EX4300 EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process (CVE-2019-0008); Refer to for more information.


The TCP connection between ppmd and ppman might be dropped due to a kernel issue

The periodic packet management process daemon (ppmd) off-loads time-sensitive periodic processing from various clients to a single daemon. It is responsible for periodic transmission of packets on behalf of its various clients. Due to a kernel issue, the TCP connection between ppmd in the Routing Engine (RE) and periodic packet manager (ppman) in the packet forwarding engine (PFE) might be dropped. It will result in the clients which use ppmd (such as LACP) flapping.


Indirect-next-hop pointing to unknown unilist stuck with weight 65535 after a link flap

When forwarding chain is unilist_1->indirect-next-hop->unilist_2, any change in unilist_2 active member list will be absorbed by indirect-next-hop in the chain and the change will not be back propagated to top-level unilist_1. If a link flap it will cause indirect-next-hop pointing to unilist_2 stuck with weight 65535 and further causing traffic blackholing.


FPC might crash during next hop change when using MPLS inline-jflow

On MX platforms with MPLS inline-jflow configured, FPC might crash during next hop change due to another FPC reboot or an interface flap, some traffic will be blackholed during the crash.


Traffic is dropped after FPC reboot with AE member links deactivated by a remote device

On JUNOS routers and switches with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote Aggregate Ethernet (AE) member link will make the local member link move to LACP Detached state. The Detached link will be invalidated from the PFE AE-Forwarding table as expected. However, if the device is rebooted with this state, all the member links will be enabled in PFE AE-Forwarding table irrespective of LACP states and result in traffic drop.

Modification History:
First publication date 2019-06-10
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search