Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.4R3-S1: Software Release Notification for JUNOS Software Version 17.4R3-S1

0

0

Article ID: TSB17742 TECHNICAL_BULLETINS Last Updated: 10 Mar 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, Network Agent
Alert Description:
Junos Software Service Release version 17.4R3-S1 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 17.4R3-S1 is now available.

17.4R3-S1 - List of Fixed issues

PR Number Synopsis Category: EX9200 Platform
1467459 The MAC move message may have an incorrect "from" interface when MAC moves rapidly
 
On the EX2300/3400/4300/4600/9200 platform, in some cases, if MAC moves rapidly, traffic might be impacted and the MAC move message might have an incorrect "from" interface.
PR Number Synopsis Category: EX2300/3400 PFE
1448071 Unicast arp requests are not replied with no-arp-trap option.
 
When unicast arp request is received by EX3400/QFX5100 switch and it is configured with "set switch-options no-arp-trap option", the arp request may not be replied. This has been fixed and unicast ARP request will be replied even with "set switch-options no-arp-trap option" configuration.
PR Number Synopsis Category: EX2300/3400 platform
1477165 EX3400 me0 interface might remain down
 
The me0 interface of EX3400 does not come up when connected to 100m speed interface.
PR Number Synopsis Category: QFX PFE L2
1462171 The LLDP function might fail when a Juniper device connects to a non-Juniper one
 
On EX/QFX platforms with STP disabled, the LLDP function might fail when a Juniper device connects to a non-Juniper one. In this scenario, the LLDP PDU with destination MAC 01:80:c2:00:00:00, which is one of the three reserved MAC addresses for LLDP in IEEE 802.1AB, will be ignored by Juniper LLDP process, and this causes the LLDP function failure. This issue has service impact.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1437943 The IPv4 fragmented packets might be broken if PTP transparent clock is configured
 
When Precision Time Protocol (PTP) transparent clock is enabled, PTP adds the residence time to the Correction Field of the PTP packets as they pass through the device. On QFX5K platforms with PTP transparent clock enabled, the IPv4 fragmented packets of UDP datagram might be broken by PTP in some rare scenario, and the corrupted packets will be discarded by system. This issue has traffic impact.
1460791 JDI-RCT : QFX 5100 VC/VCF : Observing Error brcm_ipmc_route_counter_delete:3900Multicast stat destroy failed (-10:Operation still running) after ISSU with Mini-PDT base configurations
 
"multicast stats related errors like " brcm_ipmc_route_counter_delete:3900Multicast stat destroy failed (-10:Operation still running)" will be observed during ISSU and these messages are harmless and does not affect multicast functionality".
PR Number Synopsis Category: QFX PFE MPLS
1477301 The traffic may be lost over QFX5100 switch acting as a transit PHP node in the MPLS network
 
In the MPLS network, the packets may get dropped by egress node if the packets go through the QFX5100 switch acting as a transit PHP (penultimate-hop popping) node.
PR Number Synopsis Category: CoS support on ACX
1455722 ACX5048 snmp polling will stalled after the link flap/ sfp replacement and ACX_COS_HALP(acx_cos_gport_sched_set_strict_priority:987): Failed to detach logs will be seen
 
When inserting a SFP, the lowest ifd index available is assigned to the new interface created. During this sfp attach, an ifd-halp entry is also created in cos table for the interface. When SFPs are swapped and SFPs get their IFD index assigned interchanged as that of their old IFDs, issue is observed. As per PFE, the bcm port for the interface remains the same while IFD alone changes when removed and inserted. Hence while creating an ifd-entry for the interface in cos table, it is checked for any old entry still present for same bcm port. But the check done to validate for any old entry is improper. It does not check whether the old ifd index present is still for same bcm port. Due to this check missing, a valid ifd-entry of some other interface is getting deleted in cos table. Introduced the additional validation to ensure the old ifd index of the interface is still for same bcm port. Deleting of old ifd-entry is done only if bcm port of current entry and old ifd entry are same. Also added in existing debug message to display the ifd index which is getting deleted.
PR Number Synopsis Category: MPC Fusion SW
1454595 The 100G Interfaces may not come up again after going down on MPC3E-NG
 
On MPC3E-NG cards with 100G interface in use, if the interface detects Loss of Lock (LOL) on the link without Loss of Signal (LOS), the interface will go down and may not come up again after the link is recovered.
PR Number Synopsis Category: a2a10 specific issue
1471524 The flowd/srxpfe process might crash immediately after committing the jflowv9 configuration or after upgrading to affected releases
 
On all SRX platforms, if Jflow v9 is configured on the device, the flowd/srxpfe daemon might crash when committing the configuration or after upgrading to affected releases. It might show as a hung state for the device or the device will crash. Affected Releases are 12.3X48-D80 to D95 and 15.1X49-D160 to D200.
PR Number Synopsis Category: These are new categories in the areas of PFE
1460209 Loop detection might not work on extended ports in Junos Fusion scenarios
 
In Junos Fusion scenarios, if loop detection is enabled on extended ports, when a satellite device (SD) is rebooted, or when a satellite device is added or removed/re-added, the loop detection feature might not work.
PR Number Synopsis Category: Border Gateway Protocol
1473351 Removing cluster from BGP group might cause prolonged convergence time
 
Cluster removal from BGP group might lead to a state where each subsequent change to BGP configuration will trigger import policy reevaluation causing prolonged convergence time of several minutes. This might result in a traffic loss.
1487691 High CPU utilization might be observed when the outgoing BGP updates are sending slowly
 
On all Junos platforms with BGP scenario, the rpd process might go into high CPU utilization if there are a few BGP peers that are sending the updates slowly. The high CPU utilization of the BGP IO thread (bgpio, it is part of the rpd daemon) happens when the outgoing BGP update queue is full. This defect could cause a slow BGP network convergence problem. (See also https://kb.juniper.net/TSB17725)
PR Number Synopsis Category: BBE Remote Access Server
1431614 Subscriber filtering for General Authentication Services traceoptions will report debug messages for other users.
 
Subscriber filtering for General Authentication Services traceoptions will report debug messages for other users.
PR Number Synopsis Category: Captive Portal, Content Delivery Daemon, and Service Plugin
1445382 The cpcdd process might crash continuously if the captive-portal-content-delivery service is activated for dual-stack PPPoE/DHCPv6 subscriber. Basically issue can occur when multiple add request for same subscriber and same IFL.
 
On MX platforms running with subscriber-management enabled, if the single client connection of Point-to-Point Protocol over Ethernet (PPPoE) dual-stacked with Dynamic Host Configuration Protocol version 6 (DHCPv6) is established, and then the captive-portal-content-delivery (CPCD) service is activated for both PPPoE and DHCPv6 sessions, the cpcdd process might crash continuously and stop working due to this issue. Basically issue can occur when multiple add request for same subscriber and same IFL.
PR Number Synopsis Category: Cassis pfe microcode software
1380566 FPC Errors might be seen in subscriber scenario
 
In subscriber scenario, if the"service-accounting-deferred" is configured on dynamic-profile, and there is multicast to a large number of destinations on the same physical port, the FPC Errors might be seen.
PR Number Synopsis Category: MX Platform SW - UI management
1457657 The chassisd process and all FPCs may restart after RE switchover
 
The chassisd process and all FPCs may restart after RE switchover if the knob "master-only" is enabled.
PR Number Synopsis Category: L2NG Access Security feature
1478375 The process dhcpd may crash in a Junos Fusion environment
 
On EX92XX platforms with the DHCP snooping configured, if a peer receives DHCPv6 packets from the server without the "client-id" option present, and it is syncing packets to the other side at that time, then the process dhcpd crash may be observed.
PR Number Synopsis Category: Device Configuration Daemon
1430966 EX92 unexpected "duplicate VLAN-ID" commit error
 
A problem with configuration parsing related to vlan-list overlapped between units on the same interface There was a redundant call for the vlan-id checking function called when vlan-id-list is configured. There was a condition present to avoid this redundant call which was broken as part of the PR-1238128 fix. PR 1430966 and PR-1238128 are fixed now.
1445370 The VRRP IPv6 state might flap between init and idle states after configuring vlan-tagging
 
On EX-series and QFX-series platforms with VRRP IPv6 deployment, the VRRP IPv6 state might flap between init and idle states after configuring vlan-tagging on the interface that the VRRP IPv6 is configured.
PR Number Synopsis Category: Firewall Filter
1478964 The filter may not be installed if the "policy-map xx" is present under it
 
If the "policy-map xx" option is configured under "family mpls" for filters, then the filters may not take effect after committing.
PR Number Synopsis Category: dhcpd daemon
1471161 DHCP relay with forward-only might fail to send OFFER messages when DHCP client is terminated on logical tunnel interface
 
On all Junos platforms, when DHCP relay is configured with forward-only, and DHCP client is terminated on logical tunnel interface that multiple IFLs under this lt- interface have a same VLAN, DHCP relay might fail to send OFFER messages.
PR Number Synopsis Category: dynamic dcd prs
1470622 Executing commit might hang up due to stuck dcd process
 
When dynamic DHCP sessions are existing in the device, if multiple commits in parallel are performed, the commit might hang up.
PR Number Synopsis Category: Ethernet OAM (LFM)
1396540 V44-CFM: NPC crash @ rt_nh_install (rnh=0x618123d8, rnh_src=0x0, rt=< optimized out>, p_rtt=0x74f886c0) at ../../../../src/pfe/common/pfe-arch/trinity/applications/route/rt_nh.c:631
 
As part of the EOAM programming the LM counters are allocated. When an interface is deleted, the EOAM LM counters needs to be cleared. This is done as part of EOAM punt deletion. But there are scenarios where the prog punt delete processing is received, the IFL is deleted in ukern. In this case the EOAM NHs are cleared but the LM counters are not freed. this can cause memory leak in jnh. This issue is seen for a scaled config, repeated addition and deletion of the interface configs when EOAM config is present
PR Number Synopsis Category: EVPN control plane issues
1394803 The process rpd crash may be observed with EVPN type-3 route churn
 
In an EVPN scenario, rpd may crash with EVPN type-3 route churn due to a race condition (Incorrect sequence of allocating and freeing memory for processing the updates between BGP and EVPN).
1485377 The ARP entry is gone from kernel after adding and deleting the virtual-gateway-address
 
On MX/QFX10002/QFX10008/QFX10016 devices within an EVPN-MPLS active-active multi-homing mode, when adding and deleting the virtual-gateway-address, the ARP entry to CE might disappear from the kernel.
PR Number Synopsis Category: EX Chassis chassism/chassisd
1446363 Major alarm log messages for temperature conditions for EX4600 at 56 degrees Celsius
 
EX4600 will generate a major alarm once any sensor temperature is hit at 56 degrees celsius. This is incorrect behavior and can be resolved by upgrading version of code. **Note: Even though incorrect alarms are triggered, the chassis will still shut down gracefully when "fire shutdown" threshold is hit as seen in operational mode > show chassis temperature-thresholds.
PR Number Synopsis Category: Express PFE FW Features
1433648 Traffic drop might occur on PTX/QFX during filter change operation
 
On PTX/QFX platforms, a firewall configuration change operation may not be done correctly within the PFE causing transit packets drops.
1462634 The sample/syslog/log action in output firewall filter with packet of size less than 128 might cause ASIC wedge (all packet loss) on PTX platforms
 
On PTX platforms, if output firewall filter is configured with sample/syslog/log action, the host interface might get wedged for packets with lengths 0-128 including Layer 3 headers.
1470385 Incorrect counter value for "Arrival rate" and "Peak rate" for ddos commands
 
On PTX1000/PTX3000/PTX5000/PTX10000/PTX9000/QFX10000, sending hostpath traffic and check the ddos statistics might lead to incorrect counter value for "Arrival rate" and "Peak rate" for ddos commands
PR Number Synopsis Category: Express PFE Services including JTI, TOE, HostPath, Sflow
1346493 On QFX10K platforms, syslog error messages might be seen in syslog after configuring multiple LAG interfaces under sFlow protocol
 
On QFX10K platforms, syslog error messages might be seen after configuring multiples interfaces which includes LAG Interfaces under the protocol sFlow. Example of messages: Mar 13 12:04:24 host1 fpc0 expr_dfw_asic_action_update_sflow_sample_id:2578 dfw inst lookup failed IFD_EGRESS_IMPL_FILTER Mar 13 12:04:24 host1 fpc0 Sflow prds_sflow_add_sample_in_hw(442): Sample class (60): Implicit-filter binding set error Mar 13 12:04:24 host1 fpc0 Sflow prds_sflow_handle_int_event(927): Error(1000) while enabling sflow in hw for intf 560
PR Number Synopsis Category: PTX Express ASIC interface
1412126 PTX interface stays down after maintenance
 
On PTX3000/PTX5000 linecard (QSFP28-100GBASE-LR4) interface may stay down after software upgrade. Issue is usually observed on links connected to another vendors equipment.
PR Number Synopsis Category: Optical Transport Interface
1467712 "MIC Error code: 0x1b0002" alarm might not be cleared for MIC on MPC5E when the voltage has returned to normal
 
The voltage high alarm might not be cleared when voltage level comes back to normal for MIC on MPC5.
PR Number Synopsis Category: ISIS routing protocol
1432398 The "show isis adjacency extensive" output is missing state transition details
 
CLI command 'show isis adjacency extensive' output in text format is missing some details from the adjacency transition log. The output in XML format is still correct.
PR Number Synopsis Category: Adresses ALG issues found in JSF
1462984 The H323 call with NAT enabled cannot be established on SRX5000 platforms
 
On SRX5000 platforms, the H323 call with NAT enabled cannot be established when the H323 GK (Gatekeeper) works in direct mode.
1474942 The flowd/srxpfe process might crash when an ALG creates gate with incorrect protocol value
 
On SRX chassis clusters, when an ALG creates gate with incorrect protocol value, the flowd/srxpfe process might crash on one node. This issue might happen in the situation that an ALG receives a corrupted RTO message on secondary node. It might affect the traffic.
PR Number Synopsis Category: JSR Infrastructure
1445791 The show security flow session command fails with error messages when SRX4100 or SRX4200 has around 1 million routing entries in FIB
 
On SRX4100/SRX4200 platforms, once 1 million Routing Information Base (RIB)/Forwarding Information Base (FIB) routes entries are present on the device, an error might be returned after issuing "show security flow session" or other Command-Line Interface (CLI) which requires the information from Packet Forwarding Engine (PFE).
1450545 Traffic loss might occur when there are around 80,000 routes in FIB.
 
On SRX1500 platform, when there are around 800K routes in forwarding information base (FIB), traffic loss might occur and abnormal error messages of some CLI commands would appear due to lack of memory on packet forwarding engine (PFE). This issue has traffic impact.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1146891 EX4300-48MP: 'set system ports console log-out-on-disconnect' does not work
 
'set system ports console log-out-on-disconnect' does not work
1439906 FPC might reboot if jlock hog occurs on all Junos VM based platforms
 
On a JUNOS VM using TSC clocking from the host system, "jlock hog" messages may be seen. This may lead to FPCs reboot.
1454950 EX switches might not come up properly upon reboot
 
EX switches might not come up properly upon reboot due to the date not been set up
1469400 EX3400 might reboot because of lack of watchdog patting
 
On EX3400, if watchdog pat did not happen within stipulated time and it might reboot automatically with "0x2:watchdog" as reboot reason.
PR Number Synopsis Category: Kernel MPLS / Tag / P2MP Infrastructure
1478806 Kernel crash and device restart might happen
 
In a corner case on Junos platform, where the family ccc is configured along with any other existing family within the same interface, like inet, inet6, etc. (basically, Junos never allows to do so, but somehow a customer did it ). And if the family ccc is deleted from the interface, which might cause kernel crash and the device reboot automatically, so all the traffic will be interrupted.
PR Number Synopsis Category: Kernel socket data replication issues for protocols that use
1472519 The kernel may crash and vmcore may be observed after configuration change is committed
 
On all Junos platforms, after committing the configuration change (e.g. removal of protocols like mpls, isis, ldp from the interfaces), then the kernel may crash and vmcore may be observed. This issue also may cause protocol adjacency failure.
PR Number Synopsis Category: TCP/UDP transport layer
1449664 FPC might reboot with vmcore due to memory leak
 
On all Junos platforms, if the device is up for a long period (e.g. several weeks or months), there might be a slow memory leak happening in some error scenarios where an application tries to send some data on a stale TCP socket (e.g. short-lived TCP connections used by the mgd process), and this issue might lead to FPC reboot with vmcore files.
PR Number Synopsis Category: PTX Broadway based PFE MPLS-LSPs RSVP VPNs tcc ccc software
1484255 FPC might crash when dealing with invalid next-hops
 
On PTX3000/PTX5000 platform with some specific FPCs, if the weights of links are set to an invalid value on an AE bundle interface or unilist (an unilist next-hop composed of several unicast next-hops), the FPC crash might be observed. It is a rare issue and the FPC will try to reload to resolve this problem. Traffic loss might be seen before the FPC completes the reload period.
PR Number Synopsis Category: PTP related issues.
1461031 The PTP function may hog kernel CPU for a long time
 
If the PTP function is configured, the process ppmd may be starved due to the defect that PTP function hog kernel CPU for a long time (>100ms), which can cause the "keep-alive" of the corresponding functions timeout such as ppmd based functions - LFM, BFD.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1449406 CRC error might be seen on the VCPs of the QFX5100 VC
 
In QFX5100 VC (Virtual Chassis) scenario, CRC (Cyclic Redundancy Check) error might be seen on the VCPs (Virtual Chassis Port) when the VCPs are "BCM84328 PHY" ports. The CRC error indicates there is data corrupt, the issue might reduce the system performance. The issue can be avoided by using non-"BCM84328 PHY" ports as VCPs to build the VC.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1471216 The speed 10m might not be configured on the GE interface
 
On QFX5100 and EX4300 mixed-mode Virtual Chassis, the speed 10m might not be configured on the GE interface.
PR Number Synopsis Category: FIP snooping, FIP
1325408 Syslog message ERROR l2cpd[X]: ppmlite_var_init: iri instance = 36736
 
The error message "ppmlite_var_init: iri instance = 36736" is harmless and gets trigger whenever interface-speed is changed.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1406242 QFX5200/5100 might not be able to send out control plane traffic to the peering device
 
On all QFX5200/5100 platforms, the router might not be able to send out control plane traffic to the peering device along with "Failed to allocate 16384 DMA memory" messages. All the routing protocols running over the affected interfaces will be down due to this issue, and therefore it impacts the service.
PR Number Synopsis Category: show route table commands, tracing, and syslog facilities
1421076 RPD crash might occur when changing prefix list address from IPv4 to IPv6
 
RPD crash might occur when changing prefix list address from IPv4 to IPv6 Configure IPv4 prefix-list: set policy-options prefix-list PREFIX_LIST 10.0.0.0/24 Configure a policy that has "then next policy" term: set policy-options policy-statement POLICY term PREF from prefix-list PREFIX_LIST set policy-options policy-statement POLICY term PREF then next policy set policy-options policy-statement POLICY term END then reject commit Note: If a terminating action is used for term PREF (such as "then accept"/"then reject") the core does not appear. Change prefix-list using "replace-pattern" [edit policy-options prefix-list PREFIX_LIST] replace pattern 10.0.0.0/24 with 2001:10::/64 commit RPD crash occurs
PR Number Synopsis Category: Resource Reservation Protocol
1476773 RSVP LSPs might not come up in scaled network with very high number of LSPs if NSR is used on transit router
 
If NSR is enabled on transit router with scaled RSVP LSPs, RESV message might not be sent from transit router because the path messages replication on master RE does not complete in time. Hence RSVP LSPs might not come up with traffic impact.
PR Number Synopsis Category: RPM and TWAMP
1333190 [RIO NPI-TWAMP]: Test sessions packets are dropped on server when DF bit is set to 1
 
When TWAMP test session packets from TWAMP client are received by TWAMP server with DF bit set(1), TWAMP server is dropping the packets and TWAMP test session are not established.
PR Number Synopsis Category: IPSEC functionality on M/MX/T ser
1477483 On NATT scenario the IKE Version 2 IPsec tunnel might flap if the tunnel initiator is not behind NAT
 
On MX platforms with MS-MPC/MS-MIC card installed and NATT scenario, when the IPsec tunnel initiator is not behind NAT, it might cause IPsec tunnel flapping. It happens in IKEv2 scenario.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1392616 The snmpd process might crash and cause a core dump
 
The snmpd process leaks memory in the SNMPv3 query path and crashes. The issue is caused by a memory leak when the request PDU is dropped by SNMP when the snmp filter-duplicates configuration is enabled. Each request PDU has a structure pointer for the SNMPv3 security details. This is allocated when the PDU is created or cloned. But while dropping the duplicate requests, the corresponding structure is not freed, which causes the memory leak.
PR Number Synopsis Category: SRX Argon module bugs
1446481 There is no active connection with SKY ATP server
 
On vSRX, SRX1500, SRX4100, and SRX4200 platforms, due to a system API issue, the service plane is unable to establish a connection to SKY ATP Cloud.
PR Number Synopsis Category: platform related PRs on SRX branch platforms
1451474 Priority tagged packets might be dropped with QinQ and native-vlan-id configuration on SRX branches platforms
 
On SRX-branch platforms, if QinQ and native-vlan-id are configured, priority tagged packets (Priority tagged packets have their VLAN ID set to 0, and their priority code point bits might be configured with a CoS value.) would be dropped. Below is the detail. The newly added configuration "set interface input-native-vlan-push" is not supported by branch SRX. By default, input-native-vlan-push is disabled, which will cause untagged packets ingress from UNI (user-to-network) will not be added with inner tag on egressing out of NNI (network-to-network interface), and the priority only tagged packets ingress from UNI will be stripped of the priority tag when it egresses out of the UNI in the other end. Hence packets drop would be seen.
1468430 Tail drop on all ports is observed when any switch-side egress port gets congested.
 
On the SRX300 line of devices with Mini-PIM installed, tail-drop might happen on all ports when the serial egress port gets congested.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1463015 An interface might get stuck in down state on certain MX platforms
 
The interfaces on certain MX platforms might get stuck in a down state, if the remote interface sends invalid code to the local interface. Link might not come up even after the remote peer has begun sending a good signal.
PR Number Synopsis Category: MX10002 RCB/LC Diagnostics defects
1405787 Voltage read failed for rail LTC3887-EA1-VDD0V9R2-CH0
 
On an MX10003 and an MX10008, its i2c bus may experience congestion. Thus the software may not be able to communicate on the first try. This PR optimizes the retry logic and its reporting.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1468663 JNH memory leaks might be seen after CFM session flap for LSI/VT interfaces
 
JNH memory leak may be seen when CFM session over the VPLS LSI interface/VT interface flaps.
PR Number Synopsis Category: PTX/QFX100002/8/16 platform software
1464119 FPC might restart during run time on PTX10K/QFX10K platforms
 
On PTX10K/QFX10K platforms, FPC might restart if there is some corruption in BCM (Broadcom) switch (a small internal ethernet switch, instead of PFE engine) inside the FPC. It is a timing issue. The reason is that the PCIe speed configuration for BCM switch is not correct. And this issue is resolved in some FPC U-boot versions.
PR Number Synopsis Category: Virtual Router Redundancy Protocol
1450652 Dual VRRP mastership might be seen after RE switchover ungracefully
 
When VRRP works in distributed mode (ie. delegate-processing is enabled under VRRP) with more than 250 VRRP sessions, dual VRRP mastership might be observed after RE switchover ungracefully (e.g. master RE failure).
 

17.4R3-S1 - List of Known Issues

PR Number Synopsis Category: EX9200 Platform
1377840 EX9208 - Few XE interfaces are going down with error "if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error"
 
On an EX9208 switch, few xe-interfaces are going down with the error message "if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error".
PR Number Synopsis Category: QFX Access control list
1429543 The traffic with destination UDP port 520 (RIP) or 521 (RIPng) gets dropped on QFX5000/EX4600 platforms
 
On QFX5000/EX4600 platforms, the received traffic will be dropped if the destination UDP port is 520/521 though the device runs pure layer 2 switching.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1459329 OSPF stuck at Exchange state for lag interfaces in a QFX5100-EX4300 mixed VC setup whose child members belong to EX4300 after Rebooting VC.
 
OSPF stuck at Exchange state for lag interfaces in a QFX5100-EX4300 mixed VC setup whose child members belong to EX4300 after Rebooting VC.
PR Number Synopsis Category: Accounting Profile
1458143 A problem with statistics on some interfaces of a router may be observed after FPC or PIC reboot
 
In some rare scenarios upon FPC or PIC reboot, the pfed (packet forwarding engine daemon) database may not get updated with the correct location_id for some physical interfaces (IFDs), then a problem with statistics on some interfaces of a router may be observed. If this issue happens in the subscriber management environment, and depending on the radius server configuration, it may cause the subscribers to get disconnected by the radius server because of the radius server can not receive the proper statistics update for the subscribers from the pfed.
PR Number Synopsis Category: ACX Interfaces IFD, IFL, vlans, and BRCM init
1435648 JDI ACCESS REGRESSION:Protocols:Forwarding when using non-existing SSM map source address in IGMPv3 instead of pruning.
 
Protocols get forwarded when using non-existing SSM map source address in IGMPv3 instead of pruning. This is a day 1 design issue which needs to be redesigned. The impact is more, But definitely this needs some soaking time in DCB before it gets ported in previous versions. So it will be fixed in DCB first. Discussion on this issue will be done after we have some bandwidth from our high priority issues. But it looks like we can't commit before 20.2.
PR Number Synopsis Category: BBE interface related issues
1480154 commit check is needed for vlan-overlap configuration
 
commit check is needed for vlan-overlap config
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1354409 AE interface and BFD session remain down after interface disable/enable
 
With Bidirectional Forwarding Detection (BFD) configured on an aggregated Ethernet interface, if you disable/enable the aggregated Ethernet interface, then that interface and the BFD session might not come up.
PR Number Synopsis Category: Border Gateway Protocol
1265504 BGP MIBv2 enterprise MIB objects for InetAddress types not properly generating OIDs
 
When generating SNMP traps or notifications for BGP events from the jnxBgpM2 MIB, Junos OS does not emit objects of type InetAddress with the expected length field. This will cause compliant SNMP tools to be able to parse the contents of those objects properly. In particular, the length field for the InetAddress OBJECT-TYPE is omitted. Using the set protocols bgp snmp-options emit-inet-address-length-in-oid command causes these objects to emit in a compliant fashion. Given the length of time that this error has been in place, it was decided to leave the existing non-compliant behavior in place to avoid breaking tools that had accommodated the existing behavior as the default.
1351639 The rpd crashes in JunOS 16.1 or higher during BGP convergence
 
In JunOS 16.1 or higher, during BGP convergence, the input/output thread constructing the outgoing BGP PDU and manipulating the path attributes before hand-off the data to the socket. If this PDU length is zero, it will trigger an assertion and routing-protocol demon is restarting.
1414021 The rpd gets stuck in a loop while doing the multipath calculation which leads to the high CPU usage
 
In BGP with the indirect next-hop scenario, if uRPF is enabled, and then enable BGP multipath, a background job loop might be formed and the CPU utilization of rpd process might be stuck at 100%.
1414121 QFX5100 : BGP v4/v6 convergence & RIB install/delete time degraded in 19.1R1/19.2R1/19.3R1/19.4R1
 
BGP IPv4 or IPv6 convergence and RIB install/delete time is degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1.
1456260 Packets drop and CPU spike on RE might be seen in certain conditions if "labeled-unicast protection" is enabled for a CsC-VRF Peer
 
On all Junos platforms under CsC (Carrier Supporting Carrier) scenario, PE link protection (labeled-unicast protection) is enabled, after one of the redundant links between CsC-CE flap or RSVP-TE LSP re-route from the primary path happens, it might result in slow convergence issue. Packets drop and CPU spike on the routing engine might be seen during this period.
PR Number Synopsis Category: BBE Remote Access Server
1402653 The subscribers might need to take login retry in the scenario with high usage of the address pool
 
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login.
1449064 Subscribers login fails when PCRF server is unreachable
 
In Gx-Plus for Provisioning Subscribers scenario, when the PCRF (Policy and Charging Rules Function) server is unreachable or the diameter protocol is down, the subscriber login might fail to successfully establish a session or the subscribers might fail to bind a service policy by Gx-Plus after the PCRF Server connectivity is restored.
PR Number Synopsis Category: Cassis pfe microcode software
1459698 Traffic blackholing upon interface flap after DRD auto-recovery
 
An interface stops forwarding traffic when MX software triggers a "DRD reorder timeout recovery" event follows by an interface flap on the same XMCHIP. When the logic is triggered, you will see a "cmtfpc_xmchip_drd_reorder_id_timeout_callback" message in the PFE syslog messages. This issue affects XM based MPCs (3E 4E 5E 6E 2E-NG 3E-NG).
PR Number Synopsis Category: MX Platform SW - UI management
1453533 Alarm was not sent to syslog on MX10003 platform
 
On the MX10003 platform, the alarmd wont write the alarm messages to the syslog.
PR Number Synopsis Category: Firewall Filter
1473093 Traffic might not be forwarded into the right queue but the default queue when VPLS traffic has three or more VLAN tags with VLAN priority 5
 
On the MX platform with MPC line card (except DPC line card) used, if an input firewall filter is configured at the ingress VPLS interface, the packet with a VLAN priority of 5 with three or more VLAN tags might be forwarded into the wrong queue. When this occurs, it might cause traffic loss due to congestion as all traffic is forwarded into the default queue.
PR Number Synopsis Category: Covers Application classification workflows apart from custo
1455465 The traffic loss might occur when application service is configured
 
On vSRX3.0 platform, the traffic loss might occur when application service is configured.
1463159 A core file will be generated when perform an ISSU on SRX platforms
 
When APPID is enabled and perform an ISSU on SRX devices, it might cause traffic impact and generate core-dump file.
PR Number Synopsis Category: Express PFE FW Features
1432116 The FPC might crash when a firewall filter is modified
 
In QFX10K/PTX series platforms, if a firewall filter with multiple match conditions is configured on interfaces which are Up and the firewall filter is modified (either a new action is added or the condition is added/removed etc.), the FPC might crash and restart. It might affect the service/traffic.
PR Number Synopsis Category: PTX Express ASIC platform
1384435 An enhancement of optimizing the report to the single bit error check
 
Due to transient hardware condition, single-bit error (SBE) events are corrected and have no operational impact. Reporting of those events had been disabled to prevent alarms and possibly unnecessary hardware replacements. This change applies to all Platforms using Hybrid Memory Controller (HMC).
PR Number Synopsis Category: idp flow creation, deletion,notification, session mgr intfce
1444043 SNMP queries may cause commit or show command to fail due to IDP
 
On the SRX platform, commit or show command for IDP might not work if keeping run SNMP queries when large-scale IDP is used.
PR Number Synopsis Category: Kernel software for AE/AS/Container
1423707 Traffic is dropped after FPC reboot with aggregated Ethernet member links deactivated by remote device
 
On JUNOS routers and switches with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote Aggregate Ethernet (AE) member link will make the local member link move to LACP Detached state. The Detached link will be invalidated from the PFE AE-Forwarding table as expected. However, if the device is rebooted with this state, all the member links will be enabled in PFE AE-Forwarding table irrespective of LACP states and result in traffic drop.
1442080 [subscriber_services/trinity-pfe-bbe] [core] pfe core during Starting Upgrade for FRUs in backup RE before Switchover 18.4R2 inflgiht ISSU
 
During ISSU, PFE core may be seen in the setup having dynamic pppoe subscribers stacked on a static ps ifl. This is because, when the ps ifl is removed (due to catastrophic change after switchover), PFE finds that there are pppoe subscribers still stacked on ps and crashing.
1474300 A newly added LAG member interface might forward traffic even though its micro BFD session is down
 
On all Junos platforms, if a static Link Aggregate Group (LAG) is configured, and Bidirectional Forwarding Detection (BFD) is enabled on the LAG which is also called as micro BFD, a newly added member link might start to forward traffic immediately when the configuration change commits even though its micro BFD session is still down, for example, add a new member interface only on single end, and the remote member interface is disabled or not added. Therefore, traffic loss might be seen due to this issue.
PR Number Synopsis Category: Adresses ALG issues found in JSF
1444068 Packet's IP header have DF flag might be dropped by SRX ALG after payload-NAT
 
On SRX platforms with ALG enabled, when ALG has done the payload-NAT, packet size maybe bigger than outgoing interface's MTU. If the packet's IP header has DF (Don't Fragment) flag, this packet cannot be sent out.
PR Number Synopsis Category: Firewall Authentication
1457570 The same source IP sessions are cleared when the IP entry is removed from the UAC table.
 
When uac entry is removed, all sessions which has the erased IP on uac are cleared regardless of uac-policy.
PR Number Synopsis Category: Flow Module
1458578 The security flow traceoptions fills in with RTSP ALG-related information.
 
security flow traceoptions file fills-in with RTSP ALG related information (once RTSP traffic is processed by SRX) despite configured traceoptions packet-filter does not match the traffic. It is display issue in troubleshooting.
1462825 The tunnel packets might be dropped because gr0.0 or st0.0 interface is wrongly calculated after a GRE or VPN route change.
 
On SRX Series device, MTU is wrongly calculated in a gr0.0 or st0.0 interface after a GRE or VPN route change. If the command do-not-fragment is configured and the packet is bigger than the MTU, the packet might be dropped.
PR Number Synopsis Category: Key Management Daemon
1434521 The kmd process might crash when DPD timeout for some IKEv2 SAs happens
 
If IPsec with IKEv2 (Internet Key Exchange Version 2) used and multiple IPsec peers are established behind the same NAT (Network Address Translation), the kmd (Key Manager Daemon) process may crash if DPD (Dead Peer Detection) timeout for some IKEv2 SAs (Security Association) of these peers happens. The issue may result in IPSec traffic loss.
PR Number Synopsis Category: Label Distribution Protocol
1289860 LDP egress policy not advertising label for inet.3 BGP labeled-unicast route
 
On 16.1 onwards releases, if LDP egress policy is used for inet.3 Border Gateway Protocol (BGP) labeled-unicast route, the route lable might not be installed in Label Distribution Protocol (LDP) database.
PR Number Synopsis Category: Multiprotocol Label Switching
1435019 The rpd will crash continuously if RSVP LSP link/node protection is configured
 
On PPC platforms (PowerPC CPU based platforms), the rpd will crash continuously if RSVP (Resource Reservation Protocol) LSP (Label-switched Path) link/node protection is configured. Traffic loss might be seen during the rpd crash.
1460283 Pervious configured credibility preference it is not considered by CSPF despite the configuration is deleted or changed to prefer another protocol in TED
 
After configuring the credibility, the new credibility preference value will be stored internally and its not cleared or consider by the CSPF module, incase if the perviously configuration of "traffic-engineering credibility-protocol-preference" was deleted or if you configure "traffic-engineering credibility-protocol-preference" under another protocol (for example ISIS)
PR Number Synopsis Category: Multicast for L3VPNs
1460625 The rpd process might crash due to memory leak in "MVPN RPF Src PE" block
 
In NG-MVPN scenario with multiple multicast sources, the rpd process might crash due to memory leak in "MVPN RPF Src PE" block.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1442815 ARP resolution might fail after ARP HOLD NHs are added and deleted continuously
 
ARP (Address Resolution Protocol) address resolution might fail after ARP HOLD NHs (next-hop) are getting added and deleted from ARP entries continuously.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1463802 The scheduled tasks might not be executed if "cron" daemon goes down without restart automatically
 
The service utility "cron" runs in the background and regularly checks /etc/crontab for tasks to execute and searches /var/cron/tabs for custom crontab files. These files are used to schedule tasks which "cron" runs at the specified times. "cron" daemon is started during boot. If for some reason, the "cron" process exits, the scheduled tasks will not be executed. "cron" was not restarted automatically and had to be started manually.
PR Number Synopsis Category: Issues related to PKI daemon
1465966 Loading CA certificate causes pkid core file to be generated.
 
If a CA certificate includes CRL URL that doesn't have "/" to separate URL from the "hostname:port" section, when SRX loads it, pkid crash might happen and any service relies on CA will be affected, because the URL in CRL that is used to verify the validation of certificate will not work, that may cause security risk.
PR Number Synopsis Category: vMX Platform Infrastructure related issue tracking
1343170 The vFPC might get absent resulting in the total loss of traffic
 
On the MX150 platform, the vFPC (virtual Flexible PIC Concentrator) might get absent and the l2cpd and chassisd might crash. Hence all the traffic is discarded.
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1446540 ZTP goes on forever when system has 18.1 or previous release and upgrading to 18.2 or later release, vice versa
 
Platforms: QFX 10002, QFX10008, QFX10016 When upgrading these systems from 18.1 or previous release to 18.2 or later releases , a minor error is reported. But upgrade/downgrade goes through fine. One side effect of this error is that, if upgrade or downgrade is happening as part of ZTP, then ZTP fails. ZTP keeps on upgrading (or downgrading) forever and ZTP never completes.
PR Number Synopsis Category: SW installation for all qfx platforms.
1345848 upgrade/downgrade from tvp to non-tvp is not supported.
 
Downgrade from TVP image to non-tvp image is not supported. Upgrade from non-tvp to TVP is supported.
1482593 TIM: software rollback failed (17.4R3.16 tvp image to 18.4R2-S3 tvp image)
 
software rollback failed (17.4R3.16 tvp image to 18.4R2-S3 tvp image)
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1409448 The 10G fiber interfaces might flap frequently when they are connected to other vendor's switch
 
When QFX5100 and other vendor's switch are connected via 10G fiber link, flaps may happen sometimes.
1466810 EPR iCRC errors in QFX10000 series platforms might cause protocols down
 
EPR iCRC errors in QFX10000 series platforms might cause protocols down. FPC will be in wedged state and will not pass traffic on that PFE if hitting this issue. EPR iCRC errors are normal and caused by transient hardware conditions. EPR iCRC errors are not expected to impact the protocols, and only one CRC failed packet will be dropped. But due to incorrect handling of this error, it affects protocols and causes FPC wedge.
1482245 TIM:errors seen in log during upgrade from 17.4R2 (nontvp) to 18.4R2 (tvp)
 
following erros are observed during upgrade. Jan 10 01:56:59.618 st-fcoe-24q-03 chassisd[7246]: CHASSISD_SNMP_TRAP10: SNMP trap generated: redundancy switchover (jnxRedundancyContentsIndex 9, jnxRedundancyL1Index 1, jnxRedundancyL2Index 0, jnxRedundancyL3Index 0, jnxRedundancyDescr Routing Engine 0, jnxRedundancyConfig 2, jnxRedundancyState 1, jnxRedundancySwitchoverCount 1, jnxRedundancySwitchoverTime 10129, jnxRedundancySwitchoverReason 4) Jan 10 01:57:12.764 st-fcoe-24q-03 rpd[7279]: : krt_evpn_df_role_ifftlv_send ifftlv send failed with error: ENOENT -- Item not found (No such file or directory) Jan 10 01:57:12.764 st-fcoe-24q-03 rpd[7279]: : krt_evpn_df_role_ifftlv_send ifftlv send failed with error: ENOENT -- Item not found (No such file or directory) Jan 10 01:57:12.764 st-fcoe-24q-03 rpd[7279]: : krt_evpn_df_role_ifftlv_send ifftlv send failed with error: ENOENT -- Item not found (No such file or directory) Jan 10 01:57:12.764 st-fcoe-24q-03 rpd[7279]: : krt_evpn_df_role_ifftlv_send ifftlv send failed with error: ENOENT -- Item not found (No such file or directory) Jan 10 01:57:17.775 st-fcoe-24q-03 fpc0 CMQFX: Error requesting SET BOOLEAN, illegal setting 66 Jan 10 01:57:17.779 st-fcoe-24q-03 fpc0 CMQFX: Error requesting SET BOOLEAN, illegal setting 90 Jan 10 01:57:17.784 st-fcoe-24q-03 fpc0 CMQFX: Error requesting SET BOOLEAN, illegal setting 67 Jan 10 01:58:01.649 st-fcoe-24q-03 fpc0 IFRT: ifl 1 family add error (2) from handlers Jan 10 01:58:01.901 st-fcoe-24q-03 fpc0 IFRT: ifl 2 family add error (2) from handlers Jan 10 01:58:02.524 st-fcoe-24q-03 fpc0 CMQFX: cm_qfx_pfe_resync_done: FPC PFE resync_done fpc 0 sent; err:0 Jan 10 01:59:07.536 st-fcoe-24q-03 vhclient.9557.daemon: Error: /dev/sdb: unrecognised disk label :error[0]
PR Number Synopsis Category: QFX L2 PFE
1414213 QFX5K: EVPN / VxLAN: Mutlicast NH limit is 4K
 
In QFX5K, multicast next hop limit is 4K. so based on the configuration, if there are more than 4K multicast NHs getting created, some of NHs won't be installed and you may see traffic drop for those groups.
PR Number Synopsis Category: QFX MPLS PFE
1474935 L2circuit might fail to communicate via VLAN 2 on QFX5K platforms
 
On QFX5K platforms acting as L2circuit PE (tunnel terminating node), if VLAN 2 is used for L2circuit communication with CE node, the VLAN 2 packets might be dropped on PE.
PR Number Synopsis Category: QFX VC Infrastructure
1414492 VC Ports using DAC may not establish link on QFX5200
 
On QFX5200, when virtual-chassis is configured, if the QSFP configured as VCP is removed and then inserted, VC Ports using direct attach copper (DAC) may not establish link.
PR Number Synopsis Category: rosen-6 and rosen-7 mvpn bugs
1405887 The CLI command "show pim mdt data-mdt-limit instance " with family option might cause CPU usage of rpd high
 
In draft-rosen MVPN scenario with data-mdt, if performing the CLI command "show pim mdt data-mdt-limit instance ", The output might go in loop and the rpd process might use high CPU.
PR Number Synopsis Category: KRT Queue issues within RPD
1388119 During link flap, kernel veto messages are seen and traffic is being blackholed
 
In JUNOS 16.1/later releases, when the quick interface "down/up" happens, IGP and BGP protocols perform RIB route-change, in some sceanrios we may observe rt_pfe_veto messages in syslog, due to slow PFE consumption, kernel will throttle RPD by sending ENOBUFS. In order to avoid this scenario we can configure in JUNOS the following values to the Kernel Routing Table IO: set routing-options krt-io-options work-queue-length high-threshold 250 set routing-options krt-io-options work-queue-length low-threshold 200 set routing-options krt-io-options tx-bulk-count 10 Important Notes: The above commands require RPD restart to take effect. When the "interface down" happens, IGP and BGP protocols perform RIB route-change. The IGP change is placed into a high priority queue and the exterior route change is placed into a low priority queue. For 64-bit systems, RPD workqueue size is 10000 and bulk count is 30. As a result, the head of line blocking for the IGP route change could potentially be up to 300000 rtsock requests, which causes the delay in FIB convergence for that particular prefix when the interface comes up immediately after interface down.
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1406070 The rpd might crash or duplicated routes might be seen if doing configuration change with BGP multipath and flapping routes
 
On all platforms, if doing configuration change (with BGP multipath) and flapping the IGP/LDP/RSVP routes simultaneously, the rpd crash or duplicated routes might be seen.
1439317 Packet drop might be seen on ACX platform when chained composite nexthop is enabled for L3VPN
 
On ACX platform, packet drop might be noticed at PFE (Packet forwarding Engine) if chain composite for L3VPN is enabled in PE-PE directly connected scenario for those destinations that points to chain composite. The issue is seen when RPD ends up creating route pointing to chain composite instead of indirect nexthop for PE-PE directly connected.
PR Number Synopsis Category: IPSEC functionality on M/MX/T ser
1354757 Newly provisioned IPsec tunnel could not forward traffic
 
Newly provisioned IPsec tunnel may not forward traffic. This issue gets triggered in certain specific condition wherein the RE daemon(kmd) processes the Outside MS-IFL UP event followed by Inside MS-IFL UP event. Normally, kmd receives Inside MS-IFL UP event followed by Outside MS-IFL UP event and this is one of the main reason that this issue is very hard to reproduce.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1473288 snmp trap coldStart agent-address becomes 0.0.0.0
 
agent-address on snmp trap coldStart might not be expected as configured
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1102367 MS-MIC, MS-MPC might generate coredump upon receiving fragmented traffic
 
On MX Series routers where MS-MIC or MS-MPC is inserted, certain combinations of fragmented packets might lead to an MS-MIC or MS-MPC coredump.
PR Number Synopsis Category: Stout PF fabric (SFB2)
1461356 Traffic might be impacted because the fabric hardening is stuck
 
Fabric hardening (FH) is the process of controlling bandwidth degradation to prevent traffic black hole. When FH is processing, if SFB/SCB get failure, FH process will be stuck, which will get traffic lost.
PR Number Synopsis Category: Stout cards (MPC7, MPC8, MPC9) microkernel issues
1417362 IFD bounces on MPC7 might lead to memory exhaustion that can eventually trigger the restart of the line card
 
IFD bounces on MPC7 might lead to memory exhaustion that can eventually trigger the restart of the line card.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1476786 Traffic loss may be observed to the LNS subscribers in case the "routing-service" knob is enabled under the dynamic-profile
 
On the MX platforms working in an enhanced subscriber environment, if the "routing-service" knob is enabled under the dynamic-profile for the LNS subscribers, l2tp services may not be programmed properly in the PFE due to timing, which causes forwarding issue to the affected subscribers.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1412457 Ethernet MAC addresses may not be learnt after performing the "clear bridge mac table"
 
An LU-base MPC may not learn Ethernet MAC address after the "clear bridge mac table" command is issued. Examples of LU-based MPC are the MPC2/3/4 and MPC-3D-16XGE
PR Number Synopsis Category: Trio pfe l3 forwarding issues
1427377 PDT CUC-1398: NGMVPN traffic will not converge back after deactivate/activate of the routing-instance on receiver PE
 
NGMVPN traffic will not converge back after deactivate/activate of the routing-instance on receiver PE as the traffic is reaching to the physical interface but not to the rvt interface.
PR Number Synopsis Category: PTX/QFX10002/8/16 specific software components
1409585 The port at FPC(e.g. JNP10K-LC1101) might fail to come up
 
On rare occasions, the port at FPC(e.g. JNP10K-LC1101) might fail to come up due to the retimer initialization failure upon the FPC reboot/OIR and a QSFP OIR.
PR Number Synopsis Category: PTX/QFX100002/8/16 platform software
1464119 FPC might restart during run time on PTX10K/QFX10K platforms
 
On PTX10K/QFX10K platforms, FPC might restart if there is some corruption in BCM (Broadcom) switch (a small internal ethernet switch, instead of PFE engine) inside the FPC. It is a timing issue. The reason is that the PCIe speed configuration for BCM switch is not correct. And this issue is resolved in some FPC U-boot versions.
Modification History:
First publication date 2020-03-09
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search