Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.4R2-S11: Software Release Notification for JUNOS Software Version 17.4R2-S11



Article ID: TSB17809 TECHNICAL_BULLETINS Last Updated: 30 Jun 2020Version: 2.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, Network Agent
Alert Description:
Junos Software Service Release version 17.4R2-S11 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts

Junos Software service Release version 17.4R2-S11 is now available.

17.4R2-S11 - List of Fixed issues

PR Number Synopsis Category: ACX Interfaces IFD, IFL, vlans, and BRCM init
1284590 On ACX5000, MacDrainTimeOut and bcm_port_update failed: Internal error.
On ACX5K, the buffer is corrupted on port x(*/*/x) and error message MACDRAINTIMEOUT and dcbcm_check_stuck_buffers are observed, which could eventually lead to port x (*/*/x) flapping. Traffic on ACX5048/ACX5096 may get dropped on egress interface with below errors. When below error is seen, traffic is stuck in the egress queue and never got sent out
PR Number Synopsis Category: Border Gateway Protocol
1391084 Race condition causes all the BGP sessions to flap after NSR switchover
With GRES and NSR enabled, if executing the switchover, in very rare cases, all the BGP session might flap because of a race condition.
1403186 All the BGP session flap after RE switchover
With GRES and NSR enabled, if executing RE switchover, BGP session might flap in some scenario. When Junos version has the fix of PR-1440694, BGP session always flaps after doing RE switchover.
1437837 The rpd process crash might be observed if leaking multi-pathed BGP routes from routing-instance to another routing table
This issue applies to Junos platforms with BGP multipath configured under a routing-instance and a RIB group is deployed to leak routes from that routing-instance to another routing table. "rpd" may restarts unexpectedly when performing multipath calculation operations for the secondary routes - (such as removing the rib-groups/bouncing BGP neighbor under routing-instance.) The secondary routes refer to the second RIB in a RIB (Routing Information Base) group.
PR Number Synopsis Category: Device Configuration Daemon
1457460 Mismatched MTU value causes the RLT interface to flap
In Redundant Logical Tunnel (RLT) with any dynamic protocols that rely on this interface scenario, when performing a "commit full" operation, which might cause the protocol to get flapping if MTU is configured at IFD level of the RLT. Due to the mismatch MTU value calculated by DCD and Kernel that triggers the IFD flapping, and then the protocols flapping.
PR Number Synopsis Category: jpppd daemon
1488302 MPLS VPN label can point to discard next-hop after RE switchover without NSR if egress interface is pp0
After RE switchover without non-stop routing (NSR) on the broadband network gateway (BNG), some VRF routing instances may experience blackholing for traffic destined to the hosts behind static PPPoE subscriber's CPE device. The affected routing instances are configured without 'vrf-table-label' knob and have a static route configured with interface as a next-hop like: user@router> show configuration routing-instances TEST instance-type vrf; interface pp0.1000; route-distinguisher 65000:1000; vrf-target target:65000:1000; routing-options { static { route next-hop pp0.1000; <<<< } }
PR Number Synopsis Category: Security platform jweb support
1499280 Junos OS: Security vulnerability in J-Web and web based (HTTP/HTTPS) services
Junos OS: Security vulnerability in J-Web and web-based (HTTP/HTTPS) services (CVE-2020-1631). Refer to for more information.
PR Number Synopsis Category: Multi Protocol Label Switch OAM
1436373 The rpd might crash after executing 'ping mpls ldp'
In LDP to BGP-LU stitching scenario, when BGP route goes down, MPLS ping is done before that route is pulled out of the routing table, the rpd will crash.
PR Number Synopsis Category: Neo Interface
1453433 Interfaces shutdown by 'disable-pfe' action might not be up using MIC offline/online command
On MX platform, the MPC wedge might cause 'disable-pfe' action. The 'disable-pfe' action will shutdown interfaces to avoid traffic blackholing. MIC bouncing (offline/online) operation will bring WAN interfaces up causing traffic blackholing. Restoring the PFE entity upon disable-pfe action needs an MPC restart.
PR Number Synopsis Category: vMX Data Plane Issues
1449014 IPv6 Packets might be dropped when vMX act as the VRRPv3 gateway
In the vMX as the VRRPv3 gateway scenario, the IPv6 traffic might be allocated to the slow path of the vMX since the IPv6 VRRP mac is not handled correctly by VFP (virtual forwarding plane). If the IPv6 traffic throughput is beyond the bandwidth of this slow path, the IPv6 packets might be dropped.
PR Number Synopsis Category: VMX wrlinux changes
1452915 The VMX might drop packets that are needed for fragmentation
On the VMX platform, if the traffic mixes packets that need to be fragmented and does not need to be fragmented, the packet needed for fragmentation is 100% dropped.
PR Number Synopsis Category: PTP related issues.
1507782 CLI knob to configure announce-interval as -3 so that the announce messages rate will be set to 8pps
In PTP environment some vendor devices acting as slaves expecting to announce messages at an interval of -3 (8pps) from the upstream master device. As of today announce messages are configurable in range of 0 to 3. To support the above requirement engineering provided a hidden cli knob "set protocol ptp master announce-interval -3". In the networks/design where we have this requirement, we can configure the hidden cli otherwise regular cli which is in the range (0 to 3) can be configurable. Both the cli knobs are mutually exclusive, commit error is expected if both are configured. This new change is applicable to ACX platforms only excluding ACX5k.
PR Number Synopsis Category: Resource Reservation Protocol
1471281 The rpd crash might be seen after doing some commit operations which could affect RSVP ingress routes
On all platforms with BGP PIC configured, if doing some commit operations where RSVP ingress routes are affected, the rpd crash might be seen.
1490163 High CPU utilization for rpd might be seen if RSVP is implemented
On all Junos platforms, when Multiprotocol Label Switching (MPLS) is configured with Resource Reservation Protocol (RSVP) as a signaling layer, CPU utilization for rpd might be high (more than 20%) if the MPLS ingress route has more than 32 equal-cost multipath (ECMP) next-hops. As a result, the performance of the device might be affected.
PR Number Synopsis Category: Sangria Platform including chassisd, RE, CB, power management
1471178 A PTX5K SIB3 might fail to come up in slot 0 and/or slot 8 when RE1 is master.
A PTX5K SIB3 might fail to come up in slot 0 and/or slot 8 when RE1 is master.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1489942 Prolonged flow-control might happen on MX platforms with MS-MPC/MS-MIC
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1463015 The EA WAN SerDes gets into a stuck state, leading to continuous DFE tuning timeout errors and link staying down.
The interfaces on certain MX platforms might get stuck in a downstate if the remote interface sends invalid code to the local interface. The link might not come up even after the remote peer has begun sending a good signal.
PR Number Synopsis Category: MX10003/MX204 Platform SW - Chassisd s/w defects
1436832 The device may not be reachable after a downgrade from some releases
The master routing-engine on an MX10003 may hang during a reboot after a software upgrade or downgrade. The back-up routing-engine does not subject to the same software issue.

17.4R2-S11 - List of Known issues

PR Number Synopsis Category: Border Gateway Protocol
1482551 The rpd might be crashed after BGP peer flapping
On all Junos platforms, with BGP long-lived graceful restart (LLGR) or BGP route dampening configuration, The rpd might be cored after BGP peer flapping. This is a day-1 issue.
1487691 High CPU utilization might be observed when the outgoing BGP updates are sending slowly
On all Junos platforms with the BGP routing protocols, the rpd process might go into a high CPU utilization causing slow network convergence. If a BGP peer is receiving and processing BGP updates slowly, this may cause the BGP output queue of the sending BGP peer to be full. When the queue is full it causes high CPU utilization of the BGP IO thread (bgpio, it is part of the rpd daemon) on the sending BGP peer. This defect could cause network-wide slow BGP network convergence. (See also
PR Number Synopsis Category: Issues regarding Capella related to OTN/Software.
1419204 RX alarms are not set as according to the threshold value configured for the DCO Tunable Optics.
MDIO (Management data input/output) is a serial management interface for handling read/write access of the registers on the OTN CFP2. Due to a regression issue, MDIO returns command error for the write operation on the registers for the received optical power threshold. Hence the values for the received optical power threshold are not set correctly and the contents of the registers for received optical power thresholds are left to zero. Below syslog error messages are observed from the FPC ac200_dcfp2_cfp_write: MDIO command error, err status 8000, err addr b03c <<< ac200_dcfp2_cfp_write: MDIO command error, err status 8000, err addr b03d <<<
PR Number Synopsis Category: Flow Module
1465944 Junos OS: High-End SRX Series: Multicast traffic might cause all FPCs to reset. (CVE-2020-1634)
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Refer to for more information.
PR Number Synopsis Category: Resource Reservation Protocol
1458527 RSVP interface bandwidth calculation might be incorrect when RSVP subscription percentage is configured under RSVP interface
When setting LSP bandwidth constraint and signaling LSP, the remaining bandwidth can be less than the expected one like in the below example. It is not allowing further reservation through this link. user@device> show rsvp interface RSVP interface: 2 active Active Subscr- Static Available Reserved Highwater Interface State resv iption BW BW BW mark et-0/1/0.0 Up 1 90% 100Gbps 4.99999Gbps 85Gbps 90Gbps <<<<<< So if trying to signal a new LSP with bandwidth 5G through this link it will fail.
PR Number Synopsis Category: Junos Automation, Commit/Op/Event and SLAX
1436773 The /var/db/scripts directory might be deleted after executing "request system zeroize"
On all platforms which support ZTP (Zero Touch Provisioning), the /var/db/scripts directory might get deleted after executing "request system zeroize", and it won't be recreated automatically.
Modification History:
Updated 2020-06-30 - removing PR1349373 from as it is marked incorrectly as the "Known" issue.
First publication 2020-06-22
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search