Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.3R3-S5: Software Release Notification for Junos Software Service Release version 17.3R3-S5



Article ID: TSB17600 TECHNICAL_BULLETINS Last Updated: 27 Sep 2019Version: 2.0
Alert Type:
SRN - Software Release Notification
Product Affected:
Alert Description:
Junos Software Service Release version is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts

Junos Software service Release version 17.3R3-S5 is now available.


Due to a software defect introduced by PR1432397. When you configure a firewall with the forwarding-class feature on ACX2200, MX80, or MX104, this causes the "firewall process" - "dfwd" -  to restart unexpectedly. The result is no firewall is installed on the PFE. If you are using a firewall with "forwarding-class" on ACX2200, MX80, or MX104, do not upgrade to JUNOS version 17.3R3-S5, or 17.3R3-S6

The following are incremental changes in 17.3R3-S5.

PRs fixed in 17.3R3-S5 but have not been recorded in "Resolved In" field

PR Number Synopsis Description
1365316 Extended traffic loss when performing ISSU/GRES with AE interface configured with LACP When the graceful Routing Engine switchover (GRES) is enabled, if the Link Aggregation Control Protocol (LACP) is configured on the AE interface, the AE interface might flap when the Routing Engine switchover happens - e.g. the unified in-service software upgrade (ISSU) is performed or the primary RE is restarted. This could cause extended traffic loss (more than 5 sec, depending on how fast the AE interface recovers). See also TSB17578
PR Number Synopsis Description

JUNOS BGP Established state is not shown in "show bgp summary" if only primary routing instance is present

When only default routing-instance is present, the JUNOS command "show bgp summary" does not show the BGP ESTABLISH state. If the BGP state is not an ESTABLISHED state, then it shows the states as design (i.e Active, Idle, Connect). If there is a routing-instance configured (apart from master routing-instance inet.0), the BGP ESTABLISH state is showed properly. Issue happens for IPv4 BGP sessions only, on IPV6 we always see all the BGP states as default.


Normal VRRP MAC is triggering a MAC move, and logical interfaces on the BD are getting shut down.

A new option exclusive-mac is added under protocols l2-learning global-mac-move set protocols l2-learning global-mac-move exclusive-mac .


The 1G copper module interface shows "Link-mode: Half-duplex" on QFX10000 line platforms

On QFX10k Series platforms (QFX10002, QFX10008, QFX10016), the 1G copper module interface on 10G line card (QFX10000-60S-6Q) incorrectly displays with 'Link-mode: Half-duplex'.


Pinnacle_PDT: SCHED slip,Oinker and tcp connection drop seen during large file scp/ftp to the system (high intr{ virtio_p} seen)

If management port is used to transfer large files at high speeds, "SCHED slip or Oinker" messages may be seen. If this happens issue the following command from the CLI to shape management port traffic: > request app-engine host-cmd "/sbin/mgmt_port_shaper start" To disable the traffic shaping on the management port, issue: > request app-engine host-cmd "/sbin/mgmt_port_shaper stop"


Chassisd core is seen after insertion of NG-RE (REMX2K-X8-64 or RE-S-X6-64G) in MX platform along with older RE types

On MX platform, Chassisd core will be seen continuously during the intermediate step for migrating to NG-RE (REMX2K-X8-64 or RE-S-X6-64G). This issue is seen when old RE (RE-S-2000 or RE-S-1800x4) is the primary RE while inserting NGRE in a free slot.


Port LEDs do not work on QFX5100 in QFX5110-QFX5100 mixed mode virtual chassis

Port LEDs on QFX5100 do not work. If a device connects to a port on QFX5100, the port LED stays unlit.


PTX1K:flabel Mem alloc failure followed by FPC core

Over a period of time, network events such as route flaps and MBB scenario cause the PFE heap memory to get fragmented. This change improves memory management and reduces the chance of memory fragmentation.


Interface down due to "PFE Marked Disabled" on PECHIP causing traffic loss

Consider Ingress FPC to be up, fully Init and stable and follow below flow: We restart the egress FPC. It will come up and do its Block driver Init and program the PFE states. During fpc and ASIC initialization Init all global ASIC tables and during initialization we bring up paths for special path IFD's like RHI. After this FPC will send to RE (chasisd) FPC ONLINE message. As soon as this message is sent chaassid it will send IFD ATTACH to all cards. This will start the traffic in case of AE on Ingress card (The root problem). As soon as Ingress FPC start traffic a request will be generated that will traverse fabric path and reach FI which is the first block on egress. Since IFD Init is not complete on egress card this request will lookup in a queue mapping table, at this moment this table will point to an uninitialized value causing the traffic drops. This bug affects the multi slot PTX routers, single slot system like PTX1000 is not affected with this bug.


The SNMP trap message are always sent out with log about "Fan/Blower OK" on EX4300-VC switch

On EX4300 virtual chassis (VC) switch, if FPC5 exists, the system will frequently send SNMP trap out along with below messages logged to syslog files. EX4300-VC chassisd[1194]: CHASSISD_SNMP_TRAP6: SNMP trap generated: Fan/Blower OK (jnxContentsContainerIndex 4, jnxContentsL1Index 6, jnxContentsL2Index 1, jnxContentsL3Index 1, jnxContentsDescr FAN 0 @ 5/0/0, jnxOperatingState/Temp 2). Resolved-In: junos:15.1R7-S2 junos:15.1R8 junos:16.1R8 junos:17.1R3 junos:17.2R3 junos:17.3R3-S5 junos:17.3R4 junos:17.4R2 junos:18.1R3 junos:18.2R1 junos:18.2X75-D5


Junos OS: J-Web Denial of Service due to multiple vulnerabilities in Embedthis Appweb Server

Junos OS J-Web Denial of Service due to multiple vulnerabilities in Embedthis Appweb Server; Refer to for more information.


The route might flap after OSPF neighbor router reboot

After the OSPF neighbor router reboot, the route received from the neighbor router via OSPF might flap during the router recovery. When this occurs, out of order packets and traffic loss might be seen.


Configuration commit operation after policy change causes rpd crash

The rpd might crash during the policy configuration changes.


Traffic might be blocked on MX with MS-MPC/MS-MIC

On MX platforms with MS-MPC/MS-MIC, if a large sum of similar packets (eg:thousands of packets) are received, because of the flaw of the method to process these packets, data/management path was completely blocked and dead-locked. Eventually, traffic might be blocked.


On a ACX ring topo, after link between ACX and MX flap, VPLS RI on PE (MX) have no MAC of CE over l2circuit

Issue: During the core interface flap, the specific label route is switched between SWAP and PHP mode, when there is two paths are available in the ring (core interface which is flapping is giving PHP mode and other one is in SWAP mode). In issue case, the hardware route config is in SWAP mode and the Junos/HAL routes are in PHP mode. It leads to drop the forwarding traffic for the given label. Fix: Whenever the active member of unilist NH is changed, the same is not reflected in the corresponding routes. It leads the route is working with older active NH instead of latest one. To avoid this case, whenever the existing unilist NH's active member is changed, then route update is triggered for the same using topo walk.


Terminate code for "clear network-services aaa subscriber username" is incorrect

Terminate code for "clear network-services aaa subscriber username" is mapped to code value 10 (termination cause: NAS Request, description: NAS ended the session for a non-error reason) in the affected releases. Per RFC 2866, RADIUS Accounting, it should be mapped to code value 6 (termination cause: Admin Reset, description: System administrator reset the port or session).


The kernel crash might be observed when there is a firewall filter modification

In firewall scenario, when the apply-path statement is used to expand a prefix-list pointed to a defined path, if any configuration modification causes the prefix-list changes, in a rare condition, the kernel crash might happen. Traffic disruption might be seen if NSR (Nonstop active routing) is not used during the crash.


The backup member switch might fail to become the primary switch after switchover on QFX5100/QFX5200/EX4600 Virtual Chassis platform

On QFX5100/QFX5200/EX4600 Series Virtual Chassis platform with graceful-switchover (GRES) configured, if the backup member has file of /var/run/, then reboot the primary member of do Router Engine switchover, the backup cannot become the primary member.


The fxpc might crash after an interface is changed on ACX5000 routers.

On ACX5000 platforms, if a GE (Gigabit Ethernet) interface is replaced with an XE (10-Gigabit Ethernet) interface or vice versa, or configuration is changed after the interface change, the fxpc might crash.


Host destined packets with filter log action might not reach to the routing engine if log/syslog is enabled.

On EX4300/EX4600/QFX Series switches except for QFX10k, if host destined packets (i.e., the destination address belongs to the device) come from the interface with ingress filter of log/syslog action (e.g., 'filter <> term <> then log/syslog'), such packets should not be dropped and reach the routing engine.


The L2circuit might stop forwarding traffic when one core interface flapping happens

On ACX-series platforms with L2circuit scenario, if the L2cicuit peer is connected via RSVP (with link protection) through two interfaces (e.g. primary and backup interface, AE0 and AE1), and after both interfaces flapped, the L2circuit link is brought down and back to up. And at this point, if one core interface (such as AE0 or AE1) flaps alone, the L2circuit link still stays up because another interface is up, but the traffic to CE would be dropped due to one internal table in kernel is not be programmed correctly.


EX4300 device chooses wrong bridge-id as RSTP bridge-id

Under RSTP scenario, EX4300 chooses wrong bridge-id as RSTP bridge-id. It might cause loops in the networks.


The kmd crashes with core file after bringing up IPSec connection.

On ACX, M, MX and T platforms, after bringing up IPSec tunnels, if issuing show command, kmd crash might be seen.


The rpd might crash when traceoptions are enabled

When traceoptions are enabled with a lot of trace flags or 'flag all', the rpd might crash due to buffer overflow issue. This is a timing issue.


DDOS statistics and logging is not working for internal queues such as Q42 & Q4

While initializing DDOS configurations for vchassis, we were not setting DDOS_POL_FLAGS_ASIC. Fix: While initializing we have set "DDOS_POL_FLAGS_ASIC" in flags. This issue is fixed in 15.1X53-D236 onwards


RTG MAC refresh packets will be sent out from non-RTG ports if the RTG interface belonging to the Virtual Chassis primary flaps

On EX4300/EX4600/QFX Series switches except for QFX10000, in Virtual-Chassis and RTG scenario, if the RTG (redundant trunk group) interface flaps on VC primary, RTG MAC refresh packets will be sent out from all the ports which is belong to the same VLAN. Normally, the MAC refresh packets are used to refresh MAC entries on the peer L2 device connected to the RTG ports.


The SNMP query on LACP interface might lead to lacpd crash

If stale SNMP (Simple Network Management Protocol) index for LACP (Link Aggregation Control Protocol) interface exists and SNMP query is executed on the LACP interface, the lacpd might crash when trying to retrieve the stale SNMP index. The issue results in LACP negotiation failure during the lacpd restart. If "lacp periodic fast" is configured (which means LACP timeout is 3 seconds), the existing negotiated LACP interface might be impacted and traffic loss might be seen if the restart of the lacpd takes more than 3 seconds.


The PFE might not respond with ICMP time exceeded error when packets arrive from subscribers

The PFE might not respond with ICMP error for TTL expiry when packets arrived from subscribers. This might prevent traceroute to work from subscribers. When the traffic or service problem occurs in the production network, if the result of traceroute is wrong, it will bring great difficulties to troubleshooting.


SNMPD crashed and caused core dump.

Issue: snmpd daemon leaks memory in snmpv3 query path and crashes. Cause: The issue is caused by a memory leak when the request PDU is dropped by snmp when config - "snmp filter-duplicates" is enabled. Each request PDU has a structure pointer for the SNMPv3 security details. This is allocated when the pdu is created/cloned. But while dropping the duplicate requests the corresponding free for this struct is not done, which causes the memory leak. Fix: The fix adds the security state reference cleanup callback during PDU free.


DRAM and Buffer utilization fields are not correct for QFX10000 platforms

"show chassis fpc" command displays a wrong amount of available memory on a QFX10000's FPCs.


QFX5100// vlan-xlate - Q-in-Q - Table full

On a QFX5100 Q-in-Q may stop working for certain vlan-id-list configured under an IFD. This is result of a PFE binary issue which is addressed through an upcoming image.


The alarm might be seen if the PEM's serial number starts with "1F1"

On ACX/EX/QFX/SRX platforms, if the PEM's serial number starts with "1F1", the alarm "Minor FPC PEM Temp Sensor Failed" might be seen.


Only one PFE could be disabled on FPC with multiple PFEs in error/wedge condition

On MX, PTX and QFX platforms with Chassis Manager (CM) error reporting, if Flexible PIC Concentrator (FPC) has multiple Packet Forwarding Engines (PFEs) in which one of PFEs goes into wedge condition, due to this issue, the wedge condition might be reported continuously even after disable_pfe action has been taken for the corresponding PFE. Due to this issue, when CMERROR message queue is saturated and the level report-limit is reached (e.g. 10 major errors), the wedge condition on the other PFE within the same FPC will be ignored and not be able to trigger disable_pfe action any more. This issue might cause some traffic being blackholed.


DHCP subscriber cannot reconnect over dynamic VLAN demux interfaces due to RPF check failure

In subscriber management scenario using dynamic VLAN demux interfaces and with rpf-check enabled, if the access interface goes down for some time, the DHCP subscribers might not be able to reconnect when the interface comes up.


The DHCP discover packets are forwarded out of an interface incorrectly if DHCP snooping is configured on that interface

On QFX and EX platforms, if DHCP relay or remote DHCP server address is not configured, when the chassis receives DHCP packets having the chassis's own IP and MAC as destination IP and MAC, the chassis will forward the DHCP packets out of the interface where DHCP snooping is configured. This is incorrect behaivor.


repd continue core on VC-Bm when there are too many IPv6 address on one session (hit PR1384889)

When the box hit PR1384889, There will be multi IPv6 address on one session. On this scenario, It is possible to have "repd" process save its core continuously when replicating SDB from VC-Mm to VC-Bm.


Executing command "request system configuration rescue save" may fail with error messages

The command "request configuration rescue save" is not functioning well and it prints an error log for the nonexisting FPCs. So it cannot restore the configuration in time in the event of a software failure.


No chassis alarm is raised on PTX1000 when PEM is removed or power lost to PEM

When a PEM is removed or loses power on a PTX1000 in susceptible code versions, no chassis alarm is raised.


QFX5120 : In VxLAN-EVPN configuration , transition from collapsed to non-collapsed L2/L3 GW and vice versa needs switch reload

On a QFX5120 system Transition from VXLAN/EVPN collapsed to non-collapsed L2/L3 GW and vice versa needs switch reload due to stale source vtep IP.


The rpd may crash when RSVP bypass path flaps

In the MPLS-TE with RSVP scenario,in rare cases, when bypass path of RSVP goes down or comes up, CSPF re-calculation is triggered by this update event of state changing and rpd needs to try to remove/add this path from the TED (Traffic Engineering Database), but at that moment, the TED database happens in the corruption and that may cause the rpd crash.


Traffic impact might be seen if auto-bandwidth is configured for RSVP LSPs

With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when timeout occurs during LSP statistics query, large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.


Without dot1x configuration, the syslog "dot1xd[2192]: task_connect: task PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused" is generated repeatedly.

Without dot1x configuration, the syslog "dot1xd[2192]: task_connect: task PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused" is generated repeatedly.


"show configuration" and "rollback compare" commands causing high CPU

If scaled config of interfaces and filters are configured, the CPU usage hits 100% for a few seconds while running "show configuration" or "show system rollback compare " commands.


The PFE might get disabled unexpectedly due to a auto correctable non-fatal hardware error on PTX or QFX10002/QFX10008/QFX10016

On PTX or QFX10002/QFX10008/QFX10016, a auto correctable non-fatal hardware error on PE chip (which is ASIC on PTX1000, PTX10002, QFX10002, the third-generation FPC on PTX3000/PTX5000, and the Line card on PTX10008/PTX10016/QFX10008/QFX10016) is reported as 'FATAL' error and hence the related Packet Forwarding Engine (PFE) will get disabled. The code changes have been made to change the error category from 'FATAL' to 'INFO' to avoid the PFE to be disabled unexpectedly.


The ToS/DSCP and TTL fields might not be copied into the outer IP header in Group VPN scenario

In Group VPN scenario, on MX Series with Junos 16.1 onwards, the ToS/DSCP and TTL fields might not be copied from the original packet to the outer IP header during the IP header preservation.


The port at FPC(e.g. JNP10K-LC1101) might fail to come up

On rare occasions, the port at FPC(e.g. JNP10K-LC1101) might fail to come up due to the retimer initialization failure upon the FPC reboot/OIR and a QSFP OIR.


When using SFP+, the Interface optic output might be non-zero even the interface has been disabled

When using SFP+, the Interface optic output might be non-zero even the interface has been disabled


QFX5110VC generates DDOS messages of different protocols on inserting a 1G/10G SFP or forming VCP connection

QFX5110VC generates DDOS messages of different protocols on inserting a 1G/10G SFP or forming VCP connection. The messages are cosmetic and do not cause any impact to traffic for which DDOS message is generated.


Packets might be dropped if the traffic forward via an LT interface

On all Junos platform, if the traffic forward to IRB via an LT (Logical Tunnel) interface, packets might be dropped.


A steady increase of the PFE heap memory utilization may happen when PPPoE subscribers are flapping

On MX-Series platform with TRIO MPC installed, PFE heap memory is leaking steadily when thousands of PPPoE subscribers connected via AE (Aggregate Ethernet) interface are flapping continuously.


Virtual Route Reflector may reports DAEMON-3-JTASK_SCHED_SLIP_KEVENT error on some hypervisor or host machine because of NTP sync. Routing protocol may be impacted.

Virtual Route Reflector may report DAEMON-3-JTASK_SCHED_SLIP_KEVENT error on some hypervisor or host machine. Routing protocol may be timed-out because of this slip. When hypervisor is providing inaccurate hardware time-counter , NTP time sync may trigger temporarily JUNOS kernel hang which may end up with protocol impact.


Junos PCC may reject PCUpdate/PCCreate message if there is metric type other than type 2

When using PCEP (Path Computation Element Protocol), if a PCE (Path Computation Element) generates a PCUpdate or PCCreate message which contains a metric type other than type 2, the Junos device acting as PCC (Path Computation Client) may fail to process the message and reject the PCUpdate or PCCreate message from the PCE. When the issue occurs the LSPs' (Label-Switched Path) characteristics cannot be updated hence it may cause traffic impact.


The PTX1000/PTX10002/QFX10002 may stop forwarding packets after the "chassis-control" process restarts

During normal operation on PTX1000/PTX10002/QFX10002 platforms, if the "chassis-control" process restarts, the hardware may not get properly programmed. This causes packets to be dropped on the output interface.


The user might not enter configure mode due to mgd is in lockf status

If "commit confirmed " is executed, then issuing another "commit" or "commit confirmed " after around the minutes, in race condition, a rollback might be hit. At last, it may cause the mgd process to enter and to stay in lockf status. Thus, the user might not enter configure mode anymore.


Local L2ALD proxy MAC+IP advertisements accidentally delete MAC+IP EVPN database state from remotely learned type 2 routes

With 'proxy-macip-advertisment' enabled on IRB ifl, the spine could learn MAC+IP from l2ald upon arp resolution or via type 2 EVPN routes from other spines. If learnt from other spine, a MAC+IP withdraw from l2ald could delete this state. proxy-macip-advertisment is needed once using virtual gateway feature.


Some subscribers might be offline when doing GRES or daemon restart

In DHCP subscriber scenario, some subscribers might be offline when doing GRES or daemon restart. The reason is that when restoring the subscribers back from SDB (subscriber database), PDB (Profile database) call (a internal call which is done to determine the interface type) fails. Because sometimes PDB calls are unreliable and could return error if database is not ready. And this is also the root cause.


RSVP LSP might get stuck in down state in OSPF Multiarea topology

In OSPF Multiarea topology (ABR has one or more multi-area adjacencies--one interface is attached to multiple OSPF areas), and inter-area RSVP LSP is configured (inter-domain is configured inside LSP), when primary path failure or optimize-timer triggers to signal a new instance of LSP, the LSP might get stuck in down state and it could not complete the signaling process. The reason is the incorrect CSPF on ABR which leads to RSVP path message loop and also causes next CSPF run to be skipped on the headend.


lsp-cleanup-timer is not being honored when lsp-cleanup-timer is configured to be greater than 2147483647

The lsp-cleanup-timer, configured under [edit protocols pcep pce ] currently accepts values between 1 and 4294967294; however, only values between 1 and 2147483647 are valid for this configuration statement. If a value larger than 2147483647 is configured then when the path-computation-client status goes down the LSP is removed from the router immediately. Similarly if the LSP is PCE initiated and lsp-cleanup-timer is configured with a value above 2147483647 then the LSP will be removed immediately after the dead-timer expiry.


High CPU usage on fxpc process might be seen on ACX5K platform

On ACX5K platform, the fxpc process high CPU usage might be seen under rare condition if parity errors are detected in devices. It has no direct service/traffic impact. However since CPU utilization is high during this issue, there are some side-effects. Eg, it could impact time-sensitive features like BFD.


Traffic might be dropped due to LDP label corruption after RE switchover

The LDP transit egress route for a BGP route has an indirect nexthop. In NSR and GRES scenario, after RE switchover, in some cases, LDP might fail to receive route flash for a BGP route from inet.0 and would not update the inet.3 route for the BGP route. As a result, the nexthop for LDP transit egress route will become unusable and the LDP transit egress route will get deleted. It could cause BGP sessions to go down and cause traffic drop.


The IPsec tunnel might get down when the Junos platforms and the peer both act as the initiator and try to bring an IPsec tunnel up at the same time

In the scenario where the the Junos platforms and the peer device both try to simultaneously bring up an IKE SA and both sides act as an initiator for separate tunnels, if one of the IKE negotiations fails and the other one is successful, then during the clean up of failed negotiations, it will perform a tunnel failover process which used to delete the IKE SA only on one side. And due to the fix for PR 1369340, it stops sending the IKE delete notification to the peer in the tunnel failover condition, which leads to this situation where the IKE SA is deleted on one peer while the other peer continues to have the same IKE SA. So some functional impact about the IPsec SA would be seen and then the IPsec tunnel might be down. If DPD (Dead Peer Detection) is not configured, the system will continue to remain in this state until this IKE SA is deleted after its hard lifetime expiry.


ARP entry is still pointing to failed VTEP after PE-CE link fails for multihomed remote ESI

In EVPN/VXLAN scenario, if PE-CE link fails for multihomed remote ESI, the ARP entry is still pointing to failed VTEP interface.


op url command can't run a script with libs from /config/scripts

op scripts with libs import may fail to run with op url command and "load-scripts-from-flash" knob configured


The FPC CPU might be hogged if channelized interfaces are configured

On MX platform, with 1xCOC12 or 4XCOC3 used, if channelized interfaces are configured, FPC CPU hog might be seen.


An interface may go to downstate on QFX10000/PTX10000 platform

On QFX10000/PTX10000 platform, an interface may go to downstate along with "FPC hard errors" due to Management Data Input/Output (MDIO) timeout. This is a timing issue and may be seen in some situations like FPC restart, port-speed change, link up/down, optics plug-in/plug-out.


The pfex process might crash and core dump when reinsert SFP

On EX4300-32F platform, when SFP-T is used in a port earlier and SFP is inserted and then removed from the same port, the pfex process might crash and core dump.


Virtual Chassis may become unstable and FXPC cores when there are a lot of configured filter entries

On EX2300/EX3400 Virtual Chassis platform with storm-control enabled, when multiple filter entries get exhausted, VC becomes unstable and FXPC cores.


4x10G interfaces on PTX3000/PTX5000 FPC type 3 might not come up after frequently flap for a large amount of time

On PTX3000/PTX5000 platforms with FPC3, if remote-connected interface continuously flaps for a large amount of time, the 4x10G interfaces on FPC3 might get down and never come up. The probability of occurrence increases with the number of continuous flaps.


The CoS ieee-802.1 classifier might not get applied when it is configured with service activation on underlying-interface

In a subscriber management environment, the Class-of-Service (CoS) ieee-802.1 classifier might not get applied when it is configured with service activation on underlying-interface. Instead, the default IP Precedence classifier would be applied.


BFD might stuck in slow mode on QFX10002/QFX10008/QFX100016 platform

On QFX10002/QFX10008/QFX100016 platform, if BFD session is configured on fast mode, when the BFD session is across a dual-tagged interfaces (for example QinQ), BFD might switch to slow mode. BFD triggered FRR will have more loss and it takes more time to detect BFD down.


QFX5100-48T 10G interface might be auto-negotiated at 1G speed instead of 10G

QFX5100-48T 10G interface might be auto-negotiated at 1G speed instead of 10G after peer device reboot. This issue will cause link down and impact customer service.


Add the second IRB to an AE and roll it back might cause the first IRB to stop working

Adding the second IRB to an AE and then removing it would cause the first IRB to stop working.


Stale entries may be observed in a layer 3 VXLAN gateway scenario

On QFX5000 series platform where the Layer 3 Virtual Extensible LAN (VXLAN) gateway is enabled such as QFX5110, stale entries may be observed if route change happens, triggering route and nexthop deletion on PFE. Due to the increasing stale entries, which may further fill up the corresponding table and causes the new entries to not get added successfully, traffic loss may be observed as a result.


MACSEC connection on ex4600 will not come back up after interface disconnect while traffic is passing

If a interface is physically disconnected (cable or sfp removed) and that interface is a member of a aggregate link AND MACSEC traffic is passing when the interface is pulled. The MACSEC will stop working. Reset of the AE interface and or physical interface is required to restore service.


Traffic is dropped after FPC reboot with AE member links deactivated by remote device

On JUNOS routers and switches with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote Aggregate Ethernet (AE) member link will make the local member link move to LACP Detached state. The Detached link will be invalidated from the PFE AE-Forwarding table as expected. However, if the device is rebooted with this state, all the member links will be enabled in PFE AE-Forwarding table irrespective of LACP states and result in traffic drop.


The bbe-smgd process might crash after executing the command "show system subscriber-management route prefix <>"

On MX platforms which support enhanced subscriber management feature, if more than 10 duplicate framed routes are configured, the bbe-smgd process might crash after executing the command "show system subscriber-management route prefix <>".Due to this issue, the subscriber service will be impacted.


RE kernel crashes may be seen in EVPN scenario when proxy arp is enabled

In EVPN scenario when proxy arp is enabled and the lowest 3 bytes of irb logical interface's address are zero, RE kernel crashes may be seen if IPv6 address is configured on irb logical interface and then got removed.


The jdhcpd might consume 100% CPU and crash if dhcp-security is configured

The issue is limited to DB related to MAC-MOVE scenario. When dhcp-security is configured, if multiple IPv4 and IPv6 Client's MAC-MOVE happens, the jdhcpd might consume 100% CPU and jdhcpd will crash afterwards.


The MGMT_PORT_SHAPER script is not initialized during RE boot-up due to ready-only/non-executable file permission

On QFX10008 platform, the MGMT_PORT_SHAPER script is not executed due to incorrect file permission. If there is a possibility of DDOS attack on the management port, please follow the workaround to correct the file permissions and start the script. The workaround only needs to be applied once.


All interfaces creation failed after NSSU

On all Junos platform supporting RE switchover, all interfaces creation might be failed after NSSU.


In subscriber with L2TP scenario, subscribers are stuck in INIT state forever

In the subscriber with L2TP scenario, subscribers may be stuck in INIT state, as there are a great many Attack of Invalid login requests arrive at LAC, lead the LAC getting very slow to deal with these requests, after when all the related resources depleted, those subscribers that are too late to process in the SDB (subscribers Data Base) entries will remain in INIT state forever.


The rpd might crash in PIM scenario with auto-rp enabled

In PIM scenario with auto-rp enabled, when both of a PIM session task and an auto-rp session task are being closed by rpd very near to each other, and the auto-rp task has got terminated before the PIM task is about to terminate, then the rpd process crashes.


Some CFM and BFD sessions might flap while collecting MPLS statistics

On Junos-based platform with MPLS and MPLS statistics enabled as well as a CFM or BFD, when CFM with continuity-check interval less than 1000ms (e.g. 100ms) or BFD with minimum-interval less than 1000ms (e.g. 100ms), during the periodic MPLS statistics collection if there are a large number of next-hops (several thousand) related to MPLS forwarding, the transmission of the periodic CFM or BFD protocol packet may be delayed. It may cause some CFM or BFD sessions to expire on the remote side of the session due to timeout, which can further result in traffic drop due to CFM/BFD flapping.


Interface flapping scenario might lead to ECMP nexthop install failure on EX4300s.

On EX4300 platform with ECMP (Equal-Cost MultiPath) enabled, interface flapping might trigger a sequence of ulst nexthop install/uninstall events which exceed the system limit, leading to nexthop install failure on PFE (Packet Forwarding Engine).


Heap memory leak might be seen on QFX10000 platforms

On QFX10000 platforms (QFX10002, QFX10008, QFX10016 ), if BFD is configured, heap memory leak will be seen.


CRC errors can be seen when other manufacturer device is connected to QFX10K with QSFP-100GBASE-LR4-T2 optics

CRC errors can be seen when other manufacturer device is connected to QFX10K on a 100G link with QSFP-100GBASE-LR4-T2. Other manufacturer device report CRC errors and input errors on those 100G links. The QFX10K interfaces do not show any errors. It may cause packet loss.


The rpd would core dump due to improper handling of Graceful Restart stale routes

In BGP Graceful Restart scenario, including helper mode which is enabled by default, rpd would core dump due to improper handling of BGP Graceful Restart stale routes during the BGP neighbor deleting. The rpd would crash and service/traffic impact would occur.


The fxpc may continually crash when firewall filter is applied on a logical unit of a dsc interface

On QFX5000 platforms, the fxpc may continually crash when firewall filter is applied on a logical unit of a dsc interface. It has traffic impact.


QFX : EVPN-VXLAN : L2ALD cores when number of VXLAN HW IFBDS exceeds the max limit of 16382

l2-learning daemon will core when the number of hardware vxlan IFBDs exceeds the maximum limit of 16382.


Some ports on PTX might remain down after rebooting the FPC/device at remote side

On PTX3000/5000 with FPC3 installed, some 100G ports might remain down after rebooting the FPC/device at remote side.


The vrrpd process might crash after deleting VRRP sessions for several times

If VRRP group has preemption configured and corresponding logical interface has been disabled/deactivated and re-enabled/re-activated some time after, the VRRP process may crash at the moment of changing mastership for that group.


Interface on QFX does not come up after the transceiver is replaced with one having different speed

On QFX series platforms, interface may not come up when the transceiver is replaced with another transceiver which has different speed.


Configuration is prevented from being applied on MX in subscriber scenario

On MX platforms, in a subscriber management configuration, if VPLS encapsulation is only configured under user-facing interface while it is not configured under the core-facing interface, when incorrect configuration checks is being performed, this configuration is prevented from being applied.


QFX10K: Hold-down timer configured interface are processing incoming packets leading to packet forwarding through the ASIC

QFX10K: Hold-down timer configured interface are processing incoming packets leading to packet forwarding through the ASIC


All ingress traffic might be dropped on 100m fixed speed port with no-auto-negotiation enabled

On QFX5110-48S platform, when no-auto-negotiation is configured on SFP-T 100m fixed speed port and peer's port does not work in auto-negotiation mode, the ingress traffic might be dropped and increasing CRC errors will be observed.


The jdhcpd memory leak might happen on MX5/MX10/MX40/MX80/MX104 when testing DHCP subscribers log-in/out

On MX5/MX10/MX40/MX80/MX104 Series platforms with DHCP server configuration for DHCP subscribers, the jdhcpd memory leak might happen and the memory increase by 15MB which depends on the number of subscribers when testing the DHCP subscribers log-in/out.


The ERPS failover does not work as expected on EX4300 device

On EX4300 Series switches with Ethernet Ring Protection Switching (ERPS) deployment scenario, the firewall daemon (dfwd) may not be able to read the configuration file for the policer actions which are blocking the filter push operation to the Packet Forwarding Engine (PFE), as a result, the ERP packet gets dropped in hardware.


Stale MAC addresses are present in the bridge mac-table in EVPN/MPLS scenario

In EVPN/MPLS scenario, if many MAC (about 10k) addresses move from remote to local interface, some MAC addresses might never get cleared up from the bridge table due to next-hop is not getting cleared in time within the PFE. So they might remain present in the bridge MAC table even after the aging time (default 300s).


PIM join not sent upstream until MSDP SA is received

There could be a significant delay between the time when the (*,G) PIM JOIN is received from downstream interface and a corresponding PIM JOIN is sent to the Upstream router. In order to hit this problem there has to be (*,G) state and the source information has to be received over MSDP. In this case if the PIM JOIN from the downstream device expires the subsequent PIM JOIN from this downstream device will not trigger an Upstream PIM JOIN until the corresponding MSDP SA is received.


The rpd will crash continuously if RSVP LSP link/node protection is configured

On PPC platforms (PowerPC CPU based platforms), the rpd will crash continuously if RSVP (Resource Reservation Protocol) LSP (Label-switched Path) link/node protection is configured. Traffic loss might be seen during the rpd crash.


In ACX platforms, no-vrf-propagate-ttl may not work after activate or deactivate of COS configuration

No-vrf-propagate-ttl may not work after activate or deactivate of COS configuration in acx


INNOLIGHT QSFPs cause link flaps.

Interop issues exists with INNOLIGHT QSPFs (Part number 740-054050) that cause link flaps.


LASER TX remained enabled while Interface is disabled using the RE CLI config

QFX10000-60S-6Q Line card on QFX10008 and QFX10016 platforms, LASER TX remained enabled while Interface is disabled using the RE CLI config.


Transit DHCPv6 packets might be dropped on QFX5100/5200 platforms

On QFX5100/5200 platforms, transit DHCPv6 packets might be dropped. I.e., pass-through DHCPv6 packets might not be forwarded.

Modification History:
Update to include a warning for ACX2200, MX80. and MX104 on 2019-09-26
First publication date 2019-07-11
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search