Search our Knowledge Base sites to find answers to your questions.
Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles18.4R1-S6: Software Release Notification for JUNOS Software Version 18.4R1-S6
Junos Software service Release version 18.4R1-S6 is now available.
| PR Number | Synopsis | Category: ACX Services feature |
|---|---|---|
| 1479710 | dcpfe core when disabling/enabling macsec via Toby scripts |
dcpfe core when disabling/enabling macsec via Toby scripts |
| PR Number | Synopsis | Category: DNX L2 related features |
| 1453766 | ACX5448 FPC crashed due to segmentation fault |
ACX5448 FPC crashed due to segmentation fault, due to timing issue. There is very low chance of this core occurring. |
| 1407506 | FPC crash and slow convergence upon HMC Fatal error condition when inline-jflow is used |
On MX Series platforms using MPC7E, MPC8E, MPC9E, MX10k-LC2101, or MX10003, when the inline J-Flow application is used, a fatal error on Hybrid Memory Cube (HMC) performs a "disable-pfe" action. Because J-Flow records are hosted on the HMC memory partition, reading and writing to the HMC memory might trigger FPC crash and high FPC CPU utilization, causing slow convergence (adding/deleting routes or next hops) for other Packet Forwarding Engines on the same FPC carrier. |
| PR Number | Synopsis | Category: Layer 2 Control Module |
| 1478157 | "show evpn statistics instance" command gets stuck on multihomed scenario. |
"show evpn statistics instance" command gets stuck on multihomed scenario. The command shall give proper output but will not terminate and only time out. Ctrl+C can be used to exit the command immediately. |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1282369 | The rpd on backup RE might crash when the rpd on master RE restarts |
With nonstop active routing (NSR), when the routing protocol process (rpd) restarts on the master Routing Engine, the rpd on the backup Routing Engine might restart. |
| PR Number | Synopsis | Category: Multi Protocol Label Switch OAM |
| 1399484 | The rpd process might crash when executing "traceroute mpls bgp" |
When traceroute is performed to a remote host for an MPLS LSP using the command "traceroute mpls bgp", in very rare cases, it is possible that mplsoam daemon is holding the stale BGP instance handle in the query to the rpd process to get the information for the Forwarding Equivalence Class (FEC). Hence rpd crash might occur because of the invalid instance and cause traffic impact till rpd comes back up. |
| PR Number | Synopsis | Category: RPD Next-hop issues including indirect, CNH, and MCNH |
| 1242589 | In a BGP/MPLS scenario, if the next-hop type of label route is indirect, disabling and enabling the "family mpls" of the next-hop interface might cause the route to go into a dead state |
In a BGP or MPLS scenario, if the next-hop type of label route is indirect, then the following changing events about the next-hop interface MPLS family might cause the route to be in DEAD state, and the route will remain dead even when the family MPLS is again activated. The following events occur: Deactivating and activating the interface family mpls Deleting and adding back the interface family mpls Changing maximum labels for the interface Note: When a labelled route is resolved over an interface, that interface must have family mpls configured for the route to be successfully resolved. Otherwise the route does not get resolved. |
| 1424819 | The rpd keeps crashing after changing configuration |
In the ECMP (Equal-Cost Multipath) environment with existing more than 8 multipath for a given route, changing configuration (e.g. delete routing protocol IGP or LSP) is trying to delete a software structure which was already corrupted sometime earlier due to memory corruption, and this may cause the rpd to keep crashing. This issue applies to all types of nexthops with multipath. |
| PR Number | Synopsis | Category: RPD policy options |
| 1357802 | Configuration commit operation after policy change causes rpd crash |
The rpd might crash during policy configuration changes. |
| PR Number | Synopsis | Category: Trio pfe microcode software |
| 1463718 | On MX204 platform, Packet Forwarding Engine (PFE) errors may occur when incoming GRE tunnel fragments 1) get sampled and 2) undergo inline reassembly |
On MX204 platform, Packet Forwarding Engine (PFE) error messages might be seen when sampling, GRE tunnel termination and inline reassembly are all configured. The errors could cause packet buffer memory leak. Eventually, once packet buffer memory is exhausted, traffic will starting getting lost. |
| PR Number | Synopsis | Category: EX2300/3400 platform |
|---|---|---|
| 1477165 | EX3400 me0 interface might remain down |
The me0 interface of EX3400 does not come up when connected to 100m speed interface. |
| PR Number | Synopsis | Category: Accounting Profile |
| 1452363 | The pfed might crash and not be able to come up on the PTX or TVP platforms |
The flow label statistics are retrieved periodically by pfed for PTX or TVP platforms, if the statistics reply becomes very big number, the pfed might crash hence affecting traffic. |
| PR Number | Synopsis | Category: "agentd" software daemon |
| 1409639 | The CPU might be hogged by jsd process in JET scenario |
The JET (Juniper Extension Toolkit) service process (jsd) is used to support application interaction with Junos OS, by default, jsd listens for API execution requests on TCP prot 32767. When gRPC is enabled in JET scenario, under certain conditions, the cpu might be hogged by jsd process during the connection establishment of a client. |
| PR Number | Synopsis | Category: Border Gateway Protocol |
| 1382892 | The rpd might crash under a rare condition if GR helper mode is triggered |
When graceful restart is configured on the BGP peer device, if the peer device initiate new TCP connection when there is an existing TCP connection for the BGP session, send OPEN message and this new TCP connection also get torn down immediately after establishment/sending of OPEN message. The rpd might crash. |
| 1402255 | On the multi-access/broadcast network, third party BGP router might unexpectedly select RR router as next-hop to forward the IPv6 traffic. |
RFC 2545 has a limitation on third party next-hops where the next hop is propagated unchanged. Due to this limitation, BGP inet6 Route-Reflector router attaches the BGP neighbor's IPv6 global address and its own IPv6 link-local address as the next-hops while advertising the route to another BGP neighbor. This could introduce the forwarding issue on the BGP neighbor from other vendors if their device picks up the link-local address as next-hop. This would put the BGP RR router in the traffic forwarding path unexpectedly. This issue will not be seen on Juniper devices because IPv6 link-local address would not be selected as prefix's next hop. |
| 1412538 | BGP might stuck in Idle state when the peer triggers a GR restart event |
When NSR (nonstop-routing) is enabled in local device and BGP GR (Graceful-Restart) is enabled in peer device, if the peer triggers a GR restart (it is usually caused by some failure in peer or the peer restarts rpd, etc), some BGP sessions might stuck in Idle state. The reason is that when the GR restart happens, the device is still doing the initial sync to the backup RE of the previous sessions, so some BGP sessions might stuck in Idle state because the router does not complete the process (the initial sync of the data set to the backup). |
| 1446861 | The rpd CPU utilization gets 100% due to incorrect path-selection |
On Junos platforms with BGP-PIC (protect core) and "add-path" enabled scenario, the rpd CPU utilization gets 100% due to incorrect path-selection. This issue may impact route update convergence or even cause routing protocols to flap. |
| 1454951 | The rpd process might crash when multipath is in use |
If multipath is enabled, in some certain conditions, The rpd process might crash while secondary route resolution is running. |
| 1487691 | High CPU utilization might be observed when the outgoing BGP updates are sending slowly |
On all Junos platforms with BGP scenario, the rpd process might go into high CPU utilization if there are a few BGP peers that are sending the updates slowly. The high CPU utilization of the BGP IO thread (bgpio, it is part of the rpd daemon) happens when the outgoing BGP update queue is full. This defect could cause a slow BGP network convergence problem. (See also https://kb.juniper.net/TSB17725) |
| PR Number | Synopsis | Category: MX Platform SW - FRU Management |
| 1383335 | chassis-control process (chassisd) runs between 10-20% CPU utilization |
The chassis-control process's CPU utilization is running between 10% to 20% after a software upgrade to 18.4R1 or latrer |
| 1442138 | The chassisd is unable to power off a faulty FPC after RE switchover which leading to chassisd restart loop |
In the MX router with a faulty (e.g. hardware error) FPC (Flexible PIC Concentrator) installed, performing RE (Routing Engine) switchover or restarting chassisd which may cause chassisd restart loop. This issue will cause traffic lose completely. |
| PR Number | Synopsis | Category: Control Plane for Node Virtualization |
| 1451215 | Main chassisd thread at a JNS GNF could experience stalls upon GNF SNMP polling for hardware-related OIDs |
- Chassisd main thread stalls could be seen at a JNS GNF upon GNF SNMP polling for HW-related OIDs (e.g. ones from jnxBoaAnatomy MIB). - If a GNF chassisd main thread stalls are ongoing and the GNF is restarted, then a service MGD process at the BSYS could start spinning at 100% CPU. This MGD process won't terminate by itself and will be consuming 100% CPU even when the GNF is back online. |
| PR Number | Synopsis | Category: ISIS routing protocol |
| 1430581 | The next-hop of IPv6 route remains empty when a new ISIS link comes up |
In a scenario with IS-IS running single spf (shortest-path-first) for IPv4 and IPv6, that is, multi-topology is not enabled, when a new IS-IS link comes up, IFA (interface address) for IPv4 comes up quickly and the route is installed, but IFA for IPv6 is not up quickly because DAD (Duplicate Address Detection) is enabled by default. Therefore, after spf calculation, the next-hop list for IPv6 remains empty for about 11 seconds, and IS-IS ends up deleting the route. |
| 1455432 | The rpd might crash continuously due to memory corruption in ISIS setup |
With ISIS configured and in a very rare case, memory corruption may occur, this may cause rpd crash continuously. |
| PR Number | Synopsis | Category: Category for JET(JUNOS Extension Toolkit) related issues |
| 1401854 | JET authentication does not work for usernames and passwords of certain lengths. |
The authentication module for JET RPCs and Telemetry fails in authenticating usernames or passwords of certain lengths. Hence the users will be unable to execute JET APIs or Junos Streaming Telemetry. |
| PR Number | Synopsis | Category: Security platform jweb support |
| 1431298 | Junos OS: Path traversal vulnerability in J-Web |
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. Refer to https://kb.juniper.net/JSA10985 for more information. |
| PR Number | Synopsis | Category: PFE infra to support jvision |
| 1456275 | Queue data might be missing from path '/interfaces/interface/state' |
On subscribing to '/interfaces/interface/state/' it might get subscribed to '/junos/system/linecard/interface/traffic/' internally, instead of '/junos/system/linecard/interface/queue/' which might impact traffic. |
| PR Number | Synopsis | Category: Layer 2 Circuit issues |
| 1425828 | The rpd process might crash and core dump during mpls ping command on l2circuit |
When end-interface or backup-interface/protect-interface in end-interface is used as an interface for the "ping mpls l2circuit interface" command, the rpd process might crash and generate core files. |
| PR Number | Synopsis | Category: Label Distribution Protocol |
| 1416032 | LDP routes might flap in rare conditions |
On all Junos platforms, if there is any protocol running dependent on LDP (e.g., l2circuit/L2VPN), after committing any configuration changes, even only such as changing the description on an interface, unnecessary LDP updates might be seen. Only services dependent on LDP might be impacted during the period. It is a rare timing issue. |
| 1428843 | The LDP might withdraw a label for an FEC once the IGP route is inactive in inet.0 |
If LDP is used without using egress-policy, when the route from other routing protocol is preferred over the IGP route in inet.0, e.g. BGP-LU route exported in inet.0, LDP might withdraw the FEC label hence causing LDP traffic to get lost. |
| 1451157 | The LDP route timer is reset when committing unrelated configuration changes |
The LDP route timer is reset due to committing unrelated configuration changes. As usual, the "route timer reset" implies route churn, but LDP itself is not affected as there is no real nexthop change in the case of configuration commit with unrelated changes. However, protocols using the LDP route as protocol nexthop may be impacted. |
| 1460292 | High CPU usage and rpd coredump might be observed if "ldp track-igp-metric" is configured and IGP metric is changed |
If "protocols ldp track-igp-metric" is configured, metric change of IGP route might cause high CPU usage and rpd coredump on the device. |
| PR Number | Synopsis | Category: PTX1000 platform |
| 1401507 | The TCP connection for external or internal might be dropped due to a kernel issue |
Due to a kernel issue, any TCP connection, either the external TCP carrying like BGP or internal TCP like the connection between ppmd in RE and ppman in PFE might be dropped. It will result in the relevant session going down. |
| PR Number | Synopsis | Category: mc-ae interface |
| 1479012 | MC-AE interface may be shown as unknown status if adding the sub-interface as part of the VLAN on the peer MC-AE node |
If adding the sub-interface as part of the VLAN on the peer MC-AE node while its corresponding MC-AE interface is still not configured to be part of the VLAN, the status of the MC-AE interface might be shown as unknown. It might have an impact on the traffic as the colour of the MC-AE interface could not be updated correctly. |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1402185 | JSA10979 Junos OS: A specific SNMP command can trigger a high CPU usage Denial of Service in the RPD daemon. (CVE-2020-1600) |
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. Refer to https://kb.juniper.net/JSA10979 for more information. |
| PR Number | Synopsis | Category: Multi Protocol Label Switch OAM |
| 1436373 | The rpd might crash after executing 'ping mpls ldp' |
In LDP to BGP-LU stitching scenario, when BGP route goes down, MPLS ping is done before that route is pulled out of the routing table, the rpd will crash. |
| PR Number | Synopsis | Category: Kernel MPLS / Tag / P2MP Infrastructure |
| 1478806 | Kernel crash and device restart might happen |
In a corner case on Junos platform, where the family ccc is configured along with any other existing family within the same interface, like inet, inet6, etc. (basically, Junos never allows to do so, but somehow a customer did it ). And if the family ccc is deleted from the interface, which might cause kernel crash and the device reboot automatically, so all the traffic will be interrupted. |
| PR Number | Synopsis | Category: IPv6/ND/ICMPv6 issues |
| 1443576 | Junos OS: Improper handling of specific IPv6 packets sent by clients eventually kernel crash (vmcore) the device. (CVE-2020-1603) |
Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. Refer to https://kb.juniper.net/JSA10982 for more information. |
| PR Number | Synopsis | Category: Kernel Tunnel Interface Infrastructure |
| 1478822 | The protocol MTU may not be changed on lt- interface from the default value |
For the first time, the protocol MTU of lt- interface changing from default state to any other specific value, it can not be changed. The configuration will show it has been changed to the specific value, but checking by the CLI command "show interface lt-x/x/x", there's no setting value for the protocol MTU of lt- interface. The traffic may be impacted by this issue. |
| PR Number | Synopsis | Category: QFX platform optics related issues |
| 1402127 | QSFP-100GBASE-SR4/LR4 might take a long time to come up after disabling interface or reboot |
On QFX5110 platform with QSFP-100GBASE-SR4/LR4 port used, after disabling an 100G port and then enable the port again, or reboot the device, there is a long time delay (5-15 minutes) before the ports come up. |
| PR Number | Synopsis | Category: QFX L2 PFE |
| 1473685 | The RIPv2 packets forwarded across a L2circuit connection might be dropped |
When RIPv2 routes are received on a QFX5100/EX4600 platforms, either to or from an L2 circuit connection, such packets are not propagated. This includes directed unicast RIPv2 packets. |
| PR Number | Synopsis | Category: RPD Next-hop issues including indirect, CNH, and MCNH |
| 1441550 | The rpd may crash or consume 100% of CPU after flapping routes |
When flapping the existed flood nexthop type routes, it may cause rpd crash or consume 100% of CPU. This issue may cause routing protocols sessions/neighbors flap or traffic loss. |
| 1460786 | IPv6 Prefix might be hidden when received over IPv4 BGP session |
When labeled-IPv6 and non-labeled IPV6 prefixes are received with the same protocol nexthop and the outgoing interface does not have MPLS family enabled, the IPv6 non-labeled route will be in inactive state and remains in hidden state. |
| PR Number | Synopsis | Category: RPD policy options |
| 1453439 | Routes resolution might be inconsistent if any route resolving over the multipath route |
On all Junos platforms, any route resolving over the multipath routes, one scenario is BGP over BGP. After the metric value of any PNH (refers to the second PNH and using it to performing the second time next-hop resolving) changes, meanwhile, if the hash-selection changes happened, it might result in routes resolution inconsistency. Traffic drops could be observed if the packages are still forwarding to the old PNH (Protocol Next Hop). Any recursive resolving multipath scenario might trigger this issue. |
| PR Number | Synopsis | Category: SRX Argon module bugs |
| 1480005 | The flowd/srxpfe process might crash when Advanced Anti-MalWare service is used |
On all multiple-threads SRX Series devices with Advanced Anti-MalWare service used, in a rare condition that a deadlock might occur among multiple threads, which results in the flowd/srxpfe crash. |
| PR Number | Synopsis | Category: Trio pfe stateless firewall software |
| 1433034 | The FPC might crash when the firewalls filter manager deals with the firewall filters |
In some corner scenarios (e.g. the IGP neighbor flaps on the IFL configured with the firewall filters), the crash of FPC might be observed if the firewalls filter manager (DFW) deals with the filters of the interface. |
| PR Number | Synopsis | Category: Trio pfe l3 forwarding issues |
| 1354225 | Trinity JNH memory leak when adding and removing unicast NH |
Junos MPC memory leak when adding and removing unicast Next-hops |
| 1426727 | Some CFM and BFD sessions might flap while collecting MPLS statistics |
On Junos-based platform with MPLS and MPLS statistics enabled as well as a CFM or BFD, when CFM with continuity-check interval less than 1000ms (e.g. 100ms) or BFD with minimum-interval less than 1000ms (e.g. 100ms), during the periodic MPLS statistics collection if there are a large number of next-hops (several thousand) related to MPLS forwarding, the transmission of the periodic CFM or BFD protocol packet may be delayed. It may cause some CFM or BFD sessions to expire on the remote side of the session due to timeout, which can further result in traffic drop due to CFM/BFD flapping. |
| PR Number | Synopsis | Category: Configuration mgmt, ffp, load-action, commit processing |
| 1468119 | Daemons might not be started if "commit" is executed after "commit check" |
On Junos from 16.2R1 onwards, if "commit" is executed after "commit check", the daemon (e.g. dhcpd, sampled) might not be started even the related configuration is successfully committed. |
Getting Up and Running with Junos
Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search