Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.1R3-S2: Software Release Notification for JUNOS Software Version 17.1R3-S2



Article ID: TSB17739 TECHNICAL_BULLETINS Last Updated: 11 May 2020Version: 3.0
Alert Type:
SRN - Software Release Notification
Product Affected:
Alert Description:
Junos Software Service Release version 17.1R3-S2 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Junos Software service Release version 17.1R3-S2 is now available.


PR1463859 introduces a software defect that causes a 10GE interface to flap continuously when configured with the WAN-PHY framing with the default "hold-down" timer (0). Once you upgrade a router to an affected software release, the interface may flap continuously. This is not applicable to an interface with the default framing - LAN-PHY. [TSB17782]

17.1R3-S2 - List of Fixed issues

PR Number Synopsis Category: MPC Fusion SW
1463859 The MPC2E-NG/MPC3E-NG card with specific MIC might crash after a high rate of interface flaps
If any MIC of MIC-3D-2XGE-XFP / MIC-3D-4XGE-XFP / MIC-3D-20GE-SFP-E / MIC-3D-20GE-SFP-EH / MIC-MACSEC-20GE is installed in MPC2E-NG/MPC3E-NG card, the Microkernel (uKern) might hog for CPU on Packet Forwarding Engine (PFE) when there is a high rate of interface flaps (~30/40 flaps per second). This will eventually trigger the MPC2E-NG/MPC3E-NG card crash with an NGMPC core file. Normally the excessive interface flapping won't happen frequently in real world and it may be caused due to external environment. This fix will reduce the impact and prevent the uKern hog when having such conditions.
PR Number Synopsis Category: Firewall Filter
1473093 Traffic might not be forwarded into the right queue but the default queue when VPLS traffic has three or more VLAN tags with VLAN priority 5
On the MX platform with MPC line card (except DPC line card) used, if an input firewall filter is configured at the ingress VPLS interface, the packet with a VLAN priority of 5 with three or more VLAN tags might be forwarded into the wrong queue. When this occurs, it might cause traffic loss due to congestion as all traffic is forwarded into the default queue.
PR Number Synopsis Category: Express PFE L2 fwding Features
1399369 CPU hog may be observed on PTX/QFX10000 Series platform
On PTX/QFX10000 series platform, CPU hog on PFC may be observed if the adaptive feature is enabled to load-balance for an AE interface.
PR Number Synopsis Category: Optical Transport Interface
1467712 "MIC Error code: 0x1b0002" alarm might not be cleared for MIC on MPC5E when the voltage has returned to normal
The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC5.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1146891 EX4300-48MP: 'set system ports console log-out-on-disconnect' does not work
'set system ports console log-out-on-disconnect' does not work
PR Number Synopsis Category: PTX Broadway based PFE MPLS-LSPs RSVP VPNs tcc ccc software
1484255 FPC might crash when dealing with invalid next-hops
On PTX3000/PTX5000 platform with some specific FPCs, if the weights of links are set to an invalid value on an AE bundle interface or unilist (an unilist next-hop composed of several unicast next-hops), the FPC crash might be observed. It is a rare issue and the FPC will try to reload to resolve this problem. Traffic loss might be seen before the FPC completes the reload period.
PR Number Synopsis Category: RPD policy options
1357802 Configuration commit operation after policy change causes rpd crash
The rpd might crash during policy configuration changes.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1392616 The snmpd process might crash and cause a core dump
The snmpd process leaks memory in the SNMPv3 query path and crashes. The issue is caused by a memory leak when the request PDU is dropped by SNMP when the snmp filter-duplicates configuration is enabled. Each request PDU has a structure pointer for the SNMPv3 security details. This is allocated when the PDU is created or cloned. But while dropping the duplicate requests, the corresponding structure is not freed, which causes the memory leak.
PR Number Synopsis Category: Stout PF fabric (SFB2)
1461356 Traffic might be impacted because the fabric hardening is stuck
Fabric hardening (FH) is the process of controlling bandwidth degradation to prevent traffic null route. When FH is processing, if SFB/SCB get failure, FH process will be stuck, which will get traffic lost.

17.1R3-S2 - List of Known issues

PR Number Synopsis Category: Software build tools (packaging, makefiles, et. al.)
1417345 The JSU package installation may fail
In a specific scenario, the JSU (Junos OS selective upgrade) package installation on a router which has JET (Juniper Extension Toolkit) package installed may fail due to "Operation not permitted" error. This issue does not impact service and traffic.
PR Number Synopsis Category: QFX Access control list
1026708 EX4300/EX4600/QFX3500/QFX5100 Series: Stateless IP firewall filter may fail to evaluate certain packets (CVE-2020-1604)
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. Refer to for more information.
1458027 Junos OS: EX4300/EX4600/QFX3500/QFX5100 Series: Stateless IP firewall filter may fail to evaluate certain packets (CVE-2020-1604)
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. Refer to for more information.
PR Number Synopsis Category: BBE network stack related issues
1432957 Junos OS: MX Series: In BBE configurations, receipt of a specific MPLS or IPv6 packet causes a Denial of Service
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. Please refer to for more details.
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1354409 AE interface and BFD session remain down after interface disable/enable
With Bidirectional Forwarding Detection (BFD) configured on an aggregated Ethernet interface, if you disable/enable the aggregated Ethernet interface, then that interface and the BFD session might not come up.
PR Number Synopsis Category: Border Gateway Protocol
1351639 The rpd crashes in JunOS 16.1 or higher during BGP convergence
In JunOS 16.1 or higher, during BGP convergence, the input/output thread constructing the outgoing BGP PDU and manipulating the path attributes before hand-off the data to the socket. If this PDU length is zero, it will trigger an assertion and routing-protocol demon is restarting.
1487691 High CPU utilization might be observed when the outgoing BGP updates are sending slowly
On all Junos platforms with BGP scenario, the rpd process might go into high CPU utilization if there are a few BGP peers that are sending the updates slowly. The high CPU utilization of the BGP IO thread (bgpio, it is part of the rpd daemon) happens when the outgoing BGP update queue is full. This defect could cause a slow BGP network convergence problem. (See also
PR Number Synopsis Category: BBE Remote Access Server
1402653 The '%USER-3-DH_SVC_DUPLICATE_IPADDR_ERR' errors might be seen when subscribers login and the address pools have few addresses freed
The authd reuses address too quickly before jdhcpd completely cleans up the old subscriber, which results in syslog errors: jdhcpd: %USER-3-DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add as it is already used by 1815.
1449064 Subscribers login fails when PCRF server is unreachable
In Gx-Plus for Provisioning Subscribers scenario, when the PCRF (Policy and Charging Rules Function) server is unreachable or the diameter protocol is down, the subscriber login might fail to successfully establish a session or the subscribers might fail to bind a service policy by Gx-Plus after the PCRF Server connectivity is restored.
PR Number Synopsis Category: PTX Express ASIC interface
1340612 Link goes down on PTX3000/PTX5000 with FPC3 inserted after router reboot or link flap
On PTX3000/PTX5000 with FPC3 inserted, sometimes if there is a router reboot or link flap, DFE tuning (link training) might end up with port staying down.
PR Number Synopsis Category: Interface Information Display
1269229 After MACsec link flaps, traffic forwarding across the MACsec link might not be received
After the MACsec session flaps, data traffic sent over the MACsec-enabled link might not be properly received and the receiving device might report the received frames as "framing errors" in the output of show interfaces command.
PR Number Synopsis Category: mc-ae interface
1447693 The l2ald might fail to update composite NH
This is a timing issue where the l2ald receive underlay NH from rpd as part of LSI IFF ADD (VPLS core NH) and creates flood NH. Due to LSI flap on switchover, the l2ald receives multiple LSI IFF Add and Delete in some order. In some sequence where rpd delete underlay NH from Kernel Forwarding table but the l2ald still create flood NH with this underlay NH, because IFF delete is yet to be received at the l2ald, so l2ald might fail to update Composite NH. This is generic L2 issue and can happen without mc-ae.
PR Number Synopsis Category: Multiprotocol Label Switching
1460283 Pervious configured credibility preference it is not considered by CSPF despite the configuration is deleted or changed to prefer another protocol in TED
After configuring the credibility, the new credibility preference value will be stored internally and its not cleared or consider by the CSPF module, incase if the perviously configuration of "traffic-engineering credibility-protocol-preference" was deleted or if you configure "traffic-engineering credibility-protocol-preference" under another protocol (for example ISIS)
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1442815 ARP resolution might fail after ARP HOLD NHs are added and deleted continuously
ARP (Address Resolution Protocol) address resolution might fail after ARP HOLD NHs (next-hop) are getting added and deleted from ARP entries continuously.
PR Number Synopsis Category: "ifstate" infrastructure
1379657 Protocol adjacency might flap and FPC might reboot if jlock hog happens.
On all platforms and in scaling scenario, if doing some operations which causes jlock hog, the protocols adjacency might flap and all the FPCs might reboot.
PR Number Synopsis Category: JUNOS Network App Infrastructure (for ping, traceroute, etc)
1463622 The cosmetic error messages of NTP time synchronization might be seen during device booting
In NTP with the boot-server scenario, when the router or switch boots, the NTP daemon will send a ntpdate request to poll the configured NTP boot-server to determine the local date and time. If the ntpdate is not be activated correctly while the device booting, the ntpdate might not work successfully. Then some cosmetic error messages of time synchronization might be seen, but there is no impact with time update since ntp daemon will update the time eventually.
PR Number Synopsis Category: IPSEC functionality on M/MX/T ser
1444183 The kmd process might crash and restart with a kmd core file created if IP of NAT mapping address for IPsec-VPN remote peer is changed.
The kmd (Key Manager Daemon) process is mainly responsible for IPSec key negotiation. When IPsec-VPN peers enable Network Address Translation-Traversal (NAT-T) and established IKE SA (IPsec security associations) with Dynamic Endpoint (DEP) tunnel through the intermediate NAT device, the kmd might crash when IP of NAT mapping for IPsec-VPN remote peer is changed. The kmd crash may result in IPSec traffic loss. When kmd crashes, the established IPsec tunnel will not be affected, unless the IPsec SA re-negotiate happens to take place during the kmd restarting. For the new establishing IPSec tunnel, it cannot be established until kmd comes back up automatically. In rare cases, the kmd will restart, but it may crash again.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1102367 MS-MIC, MS-MPC might generate coredump upon receiving fragmented traffic
On MX Series routers where MS-MIC or MS-MPC is inserted, certain combinations of fragmented packets might lead to an MS-MIC or MS-MPC coredump.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1441816 Egress stream flush failure and traffic blackhole might occur
Egress stream flush failure and silent dropping of traffic could occur in a rare occasion for a repeatedly flapping link on MPC7E, MPC8E, and MPC9E cards.
PR Number Synopsis Category: Configuration management, ffp, load action
1356218 Commit check error seen while using config private mode on device with openconfig package
Commit check error can be seen while using config private mode on device with openconfig package
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1415042 The user might not enter configure mode due to mgd is in lockf status
If "commit confirmed " is executed, then issuing another "commit" or "commit confirmed " after around the minutes, in race condition, a rollback might be hit. At last, it may cause the mgd process to enter and to stay in lockf status. Thus, the user might not enter configure mode anymore.
PR Number Synopsis Category: Virtual Private Networks - rpd
1356763 Junos OS: The routing protocol process (rpd) may crash and generate core files upon receipt of specific valid BGP states from a peered host. (CVE-2019-0059)
A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific co
Modification History:
First publication 2020-03-04
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search