Knowledge Search


×
 

17.4R2-S6: Software Release Notification for Junos Software Service Release version 17.4R2-S6

  [TSB17605] Show Article Properties


Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, Network Agent
Alert Description:
Junos Software Service Release version 17.4R2-S6 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 17.4R2-S6 is now available.

The following are incremental changes in 17.4R2-S6.

 
PR Number Synopsis Description
1311553

System may hang during initial configuration when doing a USB install or request vmhost zeroize/request system zeroize.

When attempting to go into configure mode after a USB install or request vmhost zeroize/request system zeroize, the system may hang for 15-20 minutes before it becomes responsive.

1316429

JCT: OCST /junos/system/linecard/interface/:/interfaces/:PFE packet drop seen on PTX5000 when there is 100ms RTT delay between DUT and collector

A producer configured for higher reporting interval (2 sec) can result in some packet drops for high RTT in network. The next reap of data will provide the same information.

1376804

ECMP route installation failure with log messages like unilist install failure might be observed on EX4300 device

On EX4300 devices with two ECMP interfaces, if multiple iteration happens for one interface link goes down/up, stale ECMP entries might not be deleted and still be seen in hardware due to the next-hop delete failure and unilist install failure.

1379227

PTX10008: error logs seen when flows are sample through aggregate bundles when jflow sampling enabled

In certain scenario's where flows are sampled through aggregate bundles when jflow sampling is enabled, the following harmless error logs can be seen: [Tue Oct 30 18:17:40.648 LOG: Info] expr_get_local_pfe_child_ifl: cannot find child ifl of agg ifl 74 for this fpc [Tue Oct 30 18:17:40.648 LOG: Info] flowtb_get_cpu_header_fields: Failed to find local child ifl for 74 [Tue Oct 30 18:17:40.648 LOG: Info] fpc0 cannot find stream on [hostname]

1380784

The pfe_disable action does not disable the logical tunnel interfaces belonging to the affected PFE

When pfe_disable action is triggered (for example by a major error on the PFE), all the physical interfaces for that PFE will be disabled. This PR is meant to ensure that logical tunnel interfaces (e.g. lt-*) are also disable to prevent attracting traffic to the failed PFE.

1385380

The static route might persist even after its BFD session goes down

On all Junos OS platforms with BFD for the static route configured, when the BFD session is brought down by changing the VLAN ID of the local interfaces, the static route might persist in the routing table.

1396372

Packet dropped in tunnel interface with checksum error

In a logical tunnel(lt) interface, Packet is dropped with checksum error due to missing layer-2 encapsulation function in the PFE.

1397628

The PPPoE subscribers unable to reconnect after FPC reboot

In the scale subscribers management environment, the PPP inline keepalives don't work after all the AE (Aggregate Ethernet) member link line cards reboot. This issue may cause the PPPoE subscribers unable to reconnect.

1401507

The TCP connection between ppmd and ppman might be dropped due to a kernel issue

The periodic packet management process daemon (ppmd) off-loads time-sensitive periodic processing from various clients to a single daemon. It is responsible for periodic transmission of packets on behalf of its various clients. Due to a kernel issue, the TCP connection between ppmd in the Routing Engine (RE) and periodic packet manager (ppman) in the packet forwarding engine (PFE) might be dropped. It will result in the clients which use ppmd (such as LACP) flapping.

1401817

The na-grpcd log file is not rotated and keeps growing until RE is out of disk space

In JET/Telemetry scenario, the Telemetry log file is not rotated and keep growing until Routing Engine (RE) is out of disk space, this might cause unexpected impact of RE, and eventually lead to RE crash. The fix has now been provided to set max allowable size to 50M and once the file reaches its max size, it will get rotated and compressed.

1416032

LDP routes might flap if committing any configuration changes

On all Junos platforms, if LDP protocol is enabled, after committing any configuration changes, the LDP routes might flap, the packets might be dropped during the period. Issue was introduced in 16.1R1.

1422171

IPsec SA may not come up when the Local gateway address is a VIP for a VRRP configured interface.

IPsec SA may not come up when the Local gateway address is a VIP for a VRRP configured interface.

1422789

BFD might stuck in slow mode on QFX10002/QFX10008/QFX100016 platform

On QFX10002/QFX10008/QFX100016 platform, if BFD session is configured on fast mode, when the BFD session is across a dual-tagged interfaces (for example QinQ), BFD might switch to slow mode. BFD triggered FRR will have more loss and it takes more time to detect BFD down.

1426975

Traffic loss might be seen when multiple IPsec tunnels are established with the remote peer

In IPsec DEP (Dynamic Endpoint) scenario, if multiple IPsec tunnels are established with the same traffic selector to the remote peer, only the reverse route pointing to the latest tunnel will be installed. Traffic sent through other tunnels will be dropped. If any of these tunnels is deleted, the installed reverse route will be deleted as well and traffic sent through the working tunnel will be dropped too.

1432449

With active/standby lacp configuration, PFE selector installs both links with same weight and traffic is sent on both.

With active/standby lacp configuration, PFE selector installs both links with same weight and traffic is sent on both.

1435019

The rpd will crash continuously if RSVP LSP link/node protection is configured

On PPC platforms (PowerPC CPU based platforms), the rpd will crash continuously if RSVP (Resource Reservation Protocol) LSP (Label-switched Path) link/node protection is configured. Traffic loss might be seen during the rpd crash.

1435182

Traffic might be dropped in IPsec VPN scenario when the VPN peer is behind a NAT device

On MX platforms with MS-MPC/MS-MIC running Junos 17.4R1 onwards, when IPsec VPN and NAT-T are configured and the VPN peer is behind a NAT device, the remote gateway port might be incorrectly set to UDP 500 instead of UDP 4500, and the outbound traffic has destination port UDP 500 will be dropped. Note: On MX platforms, after Junos 17.4R1, by default, Junos OS detects whether either one of the IPsec tunnels is behind a NAT device and automatically switches to using NAT-T for the protected traffic.

1437847

router send the router-advertisement with source link-layer address of all zeros 00:00:00:00:00:00

router may send the router-advertisement with source link-layer address of all zeros 00:00:00:00:00:00 on logical interface. Fix has been added to exclude source link-layer when field is not valid.

1441772

On PTX/QFX AE outgoing traffic might be dropped after changes are made to AE

On PE-chip based PTX/QFX platforms (including PTX1K/3K/5K/10K series, QFX10K series), if CoS IEEE-802.1 rewrite rule is configured and bound to the AE interface, traffic going out the AE interface might get dropped after changes are made to AE, due to nexthop install failure on ingress PFEs.

1442721

RPD crash after receive BGP SR-policy update message when BMP is enable

17.4R3,19.3R1,18.1R4, 18.3R4, 19.1R2, 19.2R2 can fix it

1444183

multiple change of NAT IP addresses and service set activate deactivate could lead to a crash

multiple times change of NAT IP addresses and service set activate deactivate could lead to a crash

1445191

Packets dropped due to destination MAC miss in the PFE

In case of l2backhaul, Packets dropped due to destination MAC miss in the PFE.

1445751

The mspmand process might crash if URL filtering is configured and one blacklisted domain name is a sub-string of another blacklisted domain name in URL filter database file

The mspmand (Multiservices PIC manager daemon) process runs on service PIC (MS-MPC/MS-MIC) and is responsible for managing URL Filtering service if URL filtering feature is configured. The mspmand process might crash if URL filtering is configured and one blacklisted domain name is a sub-string of another blacklisted domain name in URL filter database file. This would be continuous crashes until all the sub-string entries are removed from the system.

Modification History:
First publication 2019-07-12
Related Links: