Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.4R1-S5: Software Release Notification for JUNOS Software Version 18.4R1-S5

0

0

Article ID: TSB17697 TECHNICAL_BULLETINS Last Updated: 19 Dec 2019Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, and VMX
Alert Description:
Junos Software Service Release version 18.4R1-S5 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.4R1-S5 is now available.

18.4R1-S5 - List of Open issues

PR Number Synopsis Category:QFX L3 data-plane/forwarding
1367439 Invalid VRRP mastership election on QFX5110-VC peers
 
Both QFX5110, used as VRRP peers, in some specific scenarios involving configuration of bpdu-block-on-edge might claim to be VRRP masters.

18.4R1-S5 - List of Fixed issues

PR Number Synopsis Category:EX2300 & EX3400 platform
1351757 On EX3400 when me0 ports are connected between 2 EX3400 switches the link does not come up.
 
On Ex3400 when me0 ports are connected between 2 EX3400 switches, the link does not come up. The link comes up when me0 is connected to network port.
PR Number Synopsis Category:QFX Access control list
1429543 The traffic with destination UDP port 520 (RIP) or 521 (RIPng) gets dropped on QFX5000/EX4600 platforms
 
On QFX5000/EX4600 platforms, the received traffic will be dropped if the destination UDP port is 520/521 though the device runs pure layer 2 swithcing.
PR Number Synopsis Category:QFX PFE CoS
1433252 The traffic is placed in network-control queue on extended port even if it comes in with different dscp marking
 
In Junos Fusion scenario, when traffic from AD (aggregation device) to SD (satellite device) is exported with different dscp marking, it might be changed into network-control queue on extended port of SD.
PR Number Synopsis Category:QFX PFE L2
1437577 Physical layer and MAC/ARP learning might not work for copper base SFP-T on QFX5100/QFX5110/EX4600
 
On QFX5100/QFX5110/EX4600 platforms, if copper base SFP-T is used, it might not get up on physical layer and the MAC/ARP learning might not work if it gets up. The PR fixes both layer-1 and layer-2 issues in this scenario.
1467763 The fxpc.core might be seen when committing the configuration all together, e.g., after the reboot
 
On EX2300/3400/4300/4600 and QFX Series switches except for QFX10k, if committing the configuration all together (e.g., after the reboot), the fxpc/PFE core dump might be found. In the Virtual Chassis scenario, the VC members might be splitted because the VC ports might not be created in time.
PR Number Synopsis Category:QFX L3 data-plane/forwarding
1460688 The egress interface in PFE for some end-hosts may not be correct on the layer 3 gateway switch after it is rebooted
 
On edge-routed bridging (ERB) EVPN-VXLAN multihoming designs with QFX5110 and QFX5120 switches work as Layer 3 gateways, in some rare condition, when one of the switches acting as L3 gateway comes up after reboot, the egress interface in PFE for some end-host may not be updated to the correct next-hop interface in the hardware on that gateway. This issue cause traffic disruption for the affected end host
PR Number Synopsis Category:JUNOS kernel/ukernel changes for ACX
1385855 On ACX led on GE interface goes down when speed 10M is added
 
ACX led on GE interface goes down when speed 10M is added
PR Number Synopsis Category:Interfaces IFD, IFL, vlans, etc and BRCM init for ACX
1427362 The FPC/fxpc crash may be observed on ACX platforms
 
In a rare condition, due to a timing issue, the FPC/fxpc may crash if the AE interface flaps, such as deactivating/activating the AE interface.
PR Number Synopsis Category:MPLS for ACX
1435791 In ACX platforms, no-vrf-propagate-ttl may not work after activate or deactivate of COS configuration
 
No-vrf-propagate-ttl may not work after activate or deactivate of COS configuration in acx
PR Number Synopsis Category:common or misc area for SRX product
1430941 Unable to launch J-Web , when the device is upgraded through USB image
 
On SRX5000 series, when the device is upgraded through USB image, J-Web is not available and needs to be installed through "request system software add optional://jweb-srx".
PR Number Synopsis Category:Border Gateway Protocol
1351639 The rpd crashes in JunOS 16.1 or higher during BGP convergence
 
In JunOS 16.1 or higher, during BGP convergence, the input/output thread constructing the outgoing BGP PDU and manipulating the path attributes before hand-off the data to the socket. If this PDU length is zero, it will trigger an assertion and routing-protocol demon is restarting.
PR Number Synopsis Category:CoS support on DNX Platforms
1443466 RED drops might be seen after link flaps or CoS configuration changes
 
On an ACX5448 box, link flaps or CoS configuration changes (specific to temporal value changes) might result in traffic drop on all interfaces and recorded as RED drops.
1470619 RED drop on interface, no congestion
 
On DNX-based platforms such as an ACX5448 - when changing an interface configuration - such as from vlan-tagging to flexible-vlan-tagging 2-3 times - you may see persistent RED drops even when the interface does not experience congestion condition.
PR Number Synopsis Category: DNX platform interface
1434900 ACX5448 might malfunction in encapsulating small packets if egress link is 40G/100G
 
On ACX5448, if egress link is 40G/100G, small size packets are encapsulated improperly and causing remote interface drops the packets as runts.
PR Number Synopsis Category:L3 V4 V6 etc support for DNX
1426734 [ARP] RLI:39207:RIO-X:SKU ACX5448-D: 96K ARPs are getting populated but only 47K NH entries are present. So around 50% packet drop is observed.
 
Due to BCM sdk design, EEDB hardware entry is not freed for unicast next-hop creation. This leads to resource leakage and is not allowing to higher scale.
PR Number Synopsis Category:Miscellaneous PFE on DNX
1422544 slow copy image speed to ACX5448
 
copy images from WAN interface to RE of ACX5448 takes long time
PR Number Synopsis Category:Libjtask for RPD tasks, scheduler, timers, memory, and slip
1431033 Traceoptions file is exceeding configured file size limit and the file keeps on growing
 
With 64-bit RPD running and traceoptions configured e.g. for BGP or MPLS statistics etc., the trace files are not rotating/rolling over as per the configured file size limit and the logs continue to be written to a single file continuously.
PR Number Synopsis Category:Kernel software for AE/AS/Container
1412215 On a trunk interface native-vlan-id causes packet drop on EX4300/3400
 
Whenever the native vlan config is done along with flexible-vlan tagging, the changes related native vlan are not taking effect in PFE.
PR Number Synopsis Category:Juniper Device Manager VM Mgmt and infrastructure function
1463963 nfx-2 :- JDM is not allowing to spin up VM if VNF name contains with word jdm
 
VNF name will be allowed jdm as a substring (case insensitive) but vnf name should not be equal to jdm (case insensitive). In other words, jdm123, abcJDM, abcJDM123 are valid VNF names but jdm, JDM,Jdm, JDm are not valid VNF names
PR Number Synopsis Category:Flow Module
1417510 Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets (CVE-2019-0068)
 
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing a specific multicast packet ; Refer to https://kb.juniper.net/JSA10968 for more information.
PR Number Synopsis Category:Security platform jweb support
1410401 Junos OS: Session fixation vulnerability in J-Web (CVE-2019-0062)
 
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. Please refer to https://kb.juniper.net/JSA10961 for more information.
PR Number Synopsis Category:Multiprotocol Label Switching
1427414 MPLS LSP auto-bandwidth statistics miscalculations might lead to high bandwidth reservation.
 
With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when current stats collected are lower than previous values, the current stats is used to calculate rate and the rate can be skewed, hence large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.
PR Number Synopsis Category:Multicast Routing
1468737 The mcsnoopd crash might be seen if one BD/VLAN is configured as part of EVPN and it has any multicast router interfaces (static/dynamic)
 
In all Junos platforms where EVPN SMET is supported, the mcsnoopd process might crash if a snooping enabled BD/VLAN which has mrouter port(s) is configured as part of EVPN as extended VLAN/VNI.
PR Number Synopsis Category:SW PRs related to Vale Edge (MX10K) development
1451011 JNP10K-LC2101 FPC generates "Voltage Tolerance Exceeded" major alarm for EACHIP 2V5 sensors
 
Alarm "FPC X Voltage Tolerance Exceeded" and got cleared after ~ 20second for FPC model "JNP10K-LC2101". Alarm is raised for EA_chip_2v5 sensors as voltage readings are reported as out of tolerance. The issue is due to incorrect reading of voltage level, there shall be no impact expected from this issue. %DAEMON-4: Alarm set: CB color=RED, class=CHASSIS, reason=FPC 0 Voltage Tolerance Exceeded %DAEMON-4: Receive FX craftd set alarm message: color: 1 class: 100 object: 143 slot: 0 silent: 0 short_reason=FPC 0 Voltage Failure long_reason=FPC 0 Voltage Tolerance Exceeded id=1946157199 reason=1946157056 %DAEMON-4: Major alarm set, FPC 0 Voltage Tolerance Exceeded Following error might be seen in host logs: fpc_volt_read:1183 Volt tolerance failure Address: 0x35 Segment: 0x10 Sensor Name: EA0_2V5 ratio = 0.317200 fpc_volt_read:1183 Volt tolerance failure Address: 0x35 Segment: 0x10 Sensor Name: EA0_2V5 ratio = 0.317200
PR Number Synopsis Category:FreeBSD Kernel Infrastructure
1425608 The kernel crashes when removing mounted USB while a file is being copied to it
 
If you pulled out a USB from the system while files are being copied, the kernel will panic and the system will restart.
1439189 The recovery snapshot cannot be created after system zeroize
 
On EX2300/3400 platforms, the recovery snapshot might not be able to be created after a system zeroize. This is due to certain hardware space limitation over time where there is not enough space to save full snapshot.
1442376 EX2300 platforms might stop forwarding traffic or responding to console
 
On EX2300/EX2300-C platforms, if Junos software is with FreeBSD kernel version 11 with the build date on or after 2019-02-12, the switch may stop forwarding traffic or responding to console. Power cycle of switch would recover the issue.
1445151 The RE might go to amnesiac mode if there is an older os-package package on an upgraded box
 
On all Junos platforms, if there is an older os-package package exist on an upgraded device, the RE might go to amnesiac mode after a reboot. The os-package is essential when toggling back and forth between 15.1 release and a later release.
1454950 mgd error found during Junos 18.4R2.7 boot up and Junos did not work as expect
 
PFE sometimes does not come up after system reboot .Timeout is required to handle the fifo tx/rx error. Debug sysctls are been removed. Mutex been added to handle to race condition.
1469400 Member of virtual chassis might reboot because of lack of watchdog patting
 
In virtual-chassis scenario on EX3400, if watchdog pat did not happen within stipulated time, member (master or backup or linecard) of virtual chassis might reboot automatically with "0x2:watchdog" as reboots reason.
PR Number Synopsis Category:PTP related issues.
1408178 QFX5k : Transit traffic loss when one of LAG child interfaces deleted or deactivated
 
Traffic does not pass through LAG interface on QFX5k once deleted or deactivated one of child interfaces though LAG interface is UP state. At that time, invalid vlan tag will be added to traffic.
PR Number Synopsis Category:QFX Control Plane Kernel related
1457414 The PFE process might crash after RE (routing-engine) switchover on QFX10K platforms
 
On QFX10K platforms, the PFE process might crash after routing engine (RE) switchover if the device has GRE(Generic Routing Encapsulation) or p2p interface configuration. The issue is due to the internal tokens allocated for GRE or p2p interfaces on master RE are not sent to backup RE. Since these tokens are not available on backup RE, there will be issues post GRES (Graceful Routing Engine Switchover) as the new master will end up creating same tokens as the old master. These tokens are already received by PFE from old master, the PFE will reject the new tokens and may panic.
PR Number Synopsis Category:QFX platform optics related issues
1430115 Interface on QFX does not come up after the transceiver is replaced with one having different speed
 
On QFX series platforms, interface may not come up when the transceiver is replaced with another transceiver which has different speed.
PR Number Synopsis Category:Filters
1464352 The dcpfe might crash when changing the firewall filter on QFX5K platforms
 
On QFX5K switches, when a firewall filter term is changed in scale conditions (such as, more than 2500 iRACL--ingress Routing ACL entries), the dcpfe might crash especially in make-before-break scenario. It might cause all interfaces in this FPC down.
PR Number Synopsis Category:KRT Queue issues within RPD
1406822 Traffic impact might be seen if auto-bandwidth is configured for RSVP LSPs
 
With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when timeout occurs during LSP statistics query, large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.
PR Number Synopsis Category:show route table commands, tracing, and syslog facilities
1442542 EVENT UpDown interface logs are partially collected in syslog messages
 
When multiple interfaces UpDown event happens, a number of interfaces are not logged the event but partial logs are recorded in messages file.
PR Number Synopsis Category:Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1358019 Traffic might be blocked on MX with MS-MPC/MS-MIC
 
On MX Series platforms with MS-MPC or MS-MIC, if a large sum of similar packets (for example, thousands of packets) are received, because of the flaw in the method to process these packets, data/management path was completely blocked and dead locked. Eventually, traffic might be blocked.
PR Number Synopsis Category:MX10003/MX204 Platform SW - Chassisd s/w defects
1422679 The allocation of MAC address may fall out of the MAC address pool on MX204 platform
 
On an MX204 platform, the allocation of MAC address for the second PIC in the FPC may fall out of the MAC address pool, which may further cause a MAC conflict in the network.
PR Number Synopsis Category:SRX-1RU platfom chassisd SW defects
1453154 The fxp0 interface might redirect unicast packets on SRX4600 platforms
 
When the fxp0 interface receives unicast packets(ICMP/TCP/UDP) which destination is NOT itself, the fxp0 interface might process unicast packets and unicast traffic will be dropped on revenue port.
PR Number Synopsis Category:Junos Automation, Commit/Op/Event and SLAX
1449987 REST API process will get non-responsive when a number of request coming with a high rate
 
When several continuous HTTP requests are received via REST API, the REST service might get non-responsive.
PR Number Synopsis Category:Configuration management, ffp, load action
1407848 The "show configuration" and "rollback compare" commands causing high CPU
 
If scaled config of interfaces and filters are configured, the CPU usage hits 100% for a few seconds while running "show configuration" or "show system rollback compare " commands.
PR Number Synopsis Category:Junos Fusion Aggregation Device Platforms
1412781 Junos fusion / v44 / Incorrect power values for extended optical ports
 
On Junos Fusion setup there is no support to read rx power values considering internal calibration. Hence low rx power values are read across satellite node interfaces. This stands addressed through revised SNOS image. SNOS images carrying fix : 3.5R1.4 and 3.2R4.8 Issue would not be seen on JUNOS compatible with these images.
Modification History:
First publication 2019-12-20
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search