| PR Number |
Synopsis |
Category: DOT1X |
| 1414170 |
MAC learning might not work correctly when using the tagged-access port with wireless AP controller
Product-Group=junos |
MAC learning might not work correctly when using the tagged-access port with a wireless AP controller in dot1x mode. Clients may not be authenticated, and some clients may be denied access. |
| PR Number |
Synopsis |
Category: ESWD |
| 1459325 |
The ERPS does not run on the new primary after GRES switchover
Product-Group=junos |
On EX2200/EX3200/EX3300/EX4200/EX45XX/EX6200/EX82XX platforms with VC setup, the ERPS does not run on the new primary after GRES switchover. |
| PR Number |
Synopsis |
Category: LLDP |
| 1440662 |
LLDP does not work on management interfaces me0/vme0
Product-Group=junos |
The Link Layer Discovery Protocol (LLDP) allows network devices that operate at layer 2 to learn some of the capabilities and characteristics of LAN devices available to higher layer protocols, such as IP addresses. On EX2200/EX3300, LLDP packets cannot be received on management interfaces me0/vme0, then LLDP adjacency fails to be established. This issue has service impact. |
| 1464553 |
The LLDP packets might get discarded on all Junos platforms
Product-Group=junos |
On all Junos platforms, the LLDP packet received from any other vendor might get discarded. The issue is seen when there are two location-id in the same packet and the Junos device considers the LLDP packet as duplicate and discards it. This might result in the PoE phone not coming up or neighborship information not getting exchanged. |
| PR Number |
Synopsis |
Category: Marvell based EX PFE ACL |
| 1434927 |
The FPC crash with the pfem core file might be seen if large-scale number of firewall filters are configured
Product-Group=junos |
On EX Series switches, If configuring large-scale number of firewall filters on some interfaces, the FPC crash with core files might be seen. |
| PR Number |
Synopsis |
Category: Marvell based EX PFE L2 |
| 1426377 |
The DHCPv6 packets are getting mirrored by the EX switch
Product-Group=junos |
When a DHCPv6 packet is received on an EX switch between DHCPv6 relay and DHCPv6 server, it will be mirrored by the PFE (Packet Forwarding Engine) and routed again by the RE (Routing Engine), hence two packets are received at the DHCPv6 server. |
| PR Number |
Synopsis |
Category: MX Platform SW - Mastership Module |
| 1424187 |
The system does not reboot or halt as configuration when encountering the disk error
Product-Group=junos |
When the system encounters disk error or halted system (ex. memory leak), the chassisd might go in hung state with the blow error messages even though "disk-failure-action reboot" or "disk-failure-action halt" is configured. |
| PR Number |
Synopsis |
Category: Device Configuration Daemon |
| 1421857 |
Invalid speed value on an interface might cause other interface configuration loss
Product-Group=junos |
Once an invalid interface speed is configured (such as speed 100m on 1G SFP), other interface configuration might be deleted. In the end, all traffic destined to the affected interface may get dropped. |
| PR Number |
Synopsis |
Category: EX Chassis chassism/chassisd |
| 1448123 |
Legacy EX platforms might reboot when removing/adding "input egress all" for analyzer
Product-Group=junos |
On EX4550 switches with analyzer used, when removing or adding "input egress all" for analyzer, CPU exception might be seen and the device might reboot frequently. |
| 1469790 |
show interface < interface> media command shows the media type for the SFP-T to be fiber
Product-Group=junos |
EX4500 might incorrectly show the media type of an SFP-T copper module as fiber in the output of the 'show interface' command. |
| PR Number |
Synopsis |
Category: EX Chassis Interface Handling |
| 1423083 |
EX switches might cause potential filesystem corruption and panics
Product-Group=junos |
On EX switch running with FreeBSD 6.x, and in some rare cases, there are some errors on storage media, failures might happen if soft update threads write info on the storage, and this failure will cause the device can not be shut down successfully, which finally leads to panics and filesystem corruption. |
| PR Number |
Synopsis |
Category: jdhcpd daemon |
| 1449353 |
Junos OS and Junos OS Evolved: Multiple vulnerabilities in JDHCPD allow for OS command injection and code execution of JDHCPD
Product-Group=junos |
A device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process configured relay mode is vulnerable to multiple vulnerabilities which allow an attacker to send crafted packets who may arbitrarily execute commands as root on the target device, or who may take over the code execution of the JDHDCP process. Refer to https://kb.juniper.net/JSA10981 for more information. |
| PR Number |
Synopsis |
Category: lacp protocol |
| 1435404 |
The LACP might time out on the peer device when primary failover is triggered on the VC
Product-Group=junos |
On VC (Virtual Chassis) platforms with LACP (Link Aggregation Control Protocol) used, the LACP might time out on the peer device when the primary failover is triggered on the VC. The issue might lead to traffic loss on the LAG (link aggregation group) interface. |
| PR Number |
Synopsis |
Category: Multiprotocol Label Switching |
| 1402185 |
JSA10979 Junos OS: A specific SNMP command can trigger a high CPU usage Denial of Service in the RPD daemon. (CVE-2020-1600)
Product-Group=junos |
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. Refer to https://kb.juniper.net/JSA10979 for more information. |
| PR Number |
Synopsis |
Category: build tools |
| 1290089 |
jcrypto syslog help package and events are not packaged even when errmsg is compiled
Product-Group=junos |
jcrypto syslog help package and events are not packaged even when errmsg is compiled properly. Several of the KMD help syslog entries are missing
|