Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.3R2-S3: Software Release Notification for JUNOS Software Version 18.3R2-S3

0

0

Article ID: TSB17707 TECHNICAL_BULLETINS Last Updated: 10 Jan 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, PTX, MX, QFX, vMX, NFX, SRX, vSRX
Alert Description:
Junos Software Service Release version 18.3R2-S3 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.3R2-S3 is now available.

18.3R2-S3 - List of Fixed issues

PR Number Synopsis Category:EX2300/3400 platform
1417839 EX3400 : "show chassis environment" repeats "OK" and "Failed" at short intervals
 
When the chassisd process receives incorrect values from LCMD for the RPM values, it changes the fan status to "Failed" from "Ok", and vice versa.
PR Number Synopsis Category:QFX PFE L2
1469596 Ingress traffic might be blackholed if underlying interfaces flap in EVPN/VXLAN scenario
 
On QFX5000 platforms with Ethernet Virtual Private Network (EVPN) and Virtual Extensible LAN (VXLAN) scenario, if there is the underlying interface flaps for the core network side, all the ingress traffic might be backholed by the VXLAN Tunnel Endpoint (VTEP) due to this issue.
PR Number Synopsis Category:common or misc area for SRX product
1430941 Unable to launch J-Web when the device is upgraded through USB image.
 
On SRX5000 series, when the device is upgraded through USB image, J-Web is not available and needs to be installed through "request system software add optional://jweb-srx".
PR Number Synopsis Category:BBE Remote Access Server
1479697 The CoA request may not be processed if it includes "proxy-state" attribute
 
In a subscriber management environment, the CoA requests (such as deactivating/activating subscribers) sent from Radius server will fail if the "proxy-state" attribute is present. This attribute is still unsupported but will now be ignored if it's present in CoA requests.
PR Number Synopsis Category:Class of Service
1472083 Unexpected traffic loss might be discovered in certain conditions under fusion scenario
 
On MX platform with enhanced queuing MPC under fusion scenario, EP (Extended Port) hosted on multiple CPs (Cascade Port) which are from different PFEs on the same FPC. Unexpected traffic loss might be observed if a CoS policy with the knob "rate-limit" is applied.
PR Number Synopsis Category:QFX Control Plane VXLAN
1420764 Multicast MAC address might be learned in the Ethernet switching table on QFX5K/QFX10K platforms with EVPN-VXLAN configured
 
On QFX5K/QFX10K platforms with EVPN-VXLAN configured, multicast MAC address might be learned in the Ethernet switching table as the validation check is missed.
PR Number Synopsis Category:Kernel software for AE/AS/Container
1412215 Packet drop might be seen if native VLAN is configured along with flexible VLAN tagging
 
When the native VLAN is configured along with the flexible VLAN tagging on a L3 subinterface, untagged packets might be dropped on that L3 subinterface.
PR Number Synopsis Category:JSR Infrastructure
1450545 Traffic loss might occur when there are around 80,000 routes in FIB.
 
On SRX1500 platform, when there are around 800K routes in forwarding information base (FIB), traffic loss might occur and abnormal error messages of some CLI commands would appear due to lack of memory on packet forwarding engine (PFE). This issue has traffic impact.
PR Number Synopsis Category:Security platform jweb support
1431298 Junos OS: Path traversal vulnerability in J-Web
 
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. Refer to https://kb.juniper.net/JSA10985 for more information.
PR Number Synopsis Category:FreeBSD Kernel Infrastructure
1425608 The kernel crashes when removing mounted USB while a file is being copied to it
 
If you pulled out a USB from the system while files are being copied, the kernel will panic and the system will restart.
1442376 EX2300 platforms might stop forwarding traffic or responding to console
 
On EX2300/EX2300-C platforms, if Junos OS is with FreeBSD kernel version 11 with the build date on or after 2019-02-12, the switch might stop forwarding traffic or responding to console. A reboot is required to restore the service.
1454950 mgd error found during Junos 18.4R2.7 boot up and Junos did not work as expect
 
Packet Forwarding Engine sometimes does not come up after system reboot.Timeout is required to handle the fifo tx/rx error. Debug sysctls are been removed. Mutex been added to handle to race condition.
1469400 Member of virtual chassis might reboot because of lack of watchdog patting
 
In virtual-chassis scenario on EX3400, if watchdog pat did not happen within stipulated time, member (master or backup or linecard) of virtual chassis might reboot automatically with "0x2:watchdog" as reboots reason.
PR Number Synopsis Category:QFX access control list
1464883 QFX5100-24Q: not able to apply dscp rewrite to firewall filter to a Layer 3 subinterface (e.g. xe-0/0/0.100)
 
When you try to apply a firewall filter that contains a "then dscp" action to a Layer 3 inet subinterface, you will get an error when trying to commit. Applying the same filter to an IRB interface succeeds as does applying the same filter to a Layer 3 subinterface on QFX5100-48S.
PR Number Synopsis Category:Filters
1464352 The dcpfe might crash when changing the firewall filter on QFX5K platforms
 
On QFX5K switches, when a firewall filter term is changed in scale conditions (such as, more than 2500 iRACL--ingress Routing ACL entries), the dcpfe might crash especially in make-before-break scenario. It might cause all interfaces in this FPC down.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search