Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.2R3-S5: Software Release Notification for JUNOS Software Version 18.2R3-S5

0

0

Article ID: TSB17815 TECHNICAL_BULLETINS Last Updated: 16 Apr 2021Version: 4.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, NFX, PTX, QFX, SRX, vSRX, and vMX
Alert Description:
Junos Software Service Release version 18.2R3-S5 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Warning: With VPLS/Bridge-Domain environment, an MX/EX9200 Series router with Trio-based MPCs running software version 18.2R3-S5. The MPCs may experience NH memory leak in the PFEs when using integrated routing and bridging (IRB) interface participating in the VPLS/Bridge-domain instance.
Junos Software service Release version 18.2R3-S5 is now available.

18.2R3-S5 - List of Fixed issues

PR Number Synopsis Category: DOT1X
1504818 EX2300-48MP :: Client did not receive captive-portal success page by downloading the ACL parameter as Authentication failed
Product-Group=junos
In case of captive portal, authentication fails for captive portal user when receives the filter from the RADIUS for that user. This issue is seen only in the captive portal configuration with RADIUS filter when dot1x stanza is not present.
PR Number Synopsis Category: EX4300 Platform
1502726 Traffic loss might be seen with framing errors or runts if MACsec is configured on EX4300
Product-Group=junos
On EX4300 platform with Media Access Control Security (MACsec) configured, if there is high traffic flowing through the MACsec enabled link, increasing framing errors or runts statistics might be seen in the output of "show interfaces extensive <>" for the affected interface. Traffic loss might also happen due to this issue.
PR Number Synopsis Category: QFX Access control list
1499918 Traffic drop might be observed after modifying FBF firewall filter
Product-Group=junos
On QFX5K platforms, after making changes in filter-based forwarding (FBF) firewall filter that is configured with multiple terms or different routing instances, traffic drop might be observed.
PR Number Synopsis Category: QFX PFE CoS
1510365 Traffic might be forwarded to wrong queue when fixed classifier is used
Product-Group=junos
If L2 access or vlan bridge IFL is created after fixed classifier is applied, the traffic matching the fixed classifier might be forwarded in unexpected queue, it might cause congestion unexpectedly hence there is traffic impact.
PR Number Synopsis Category: QFX PFE L2
1474142 Traffic might be affected if composite next hop is enabled
Product-Group=junos
On QFX5000 and EX4600 platforms with composite next hop enabled, traffic loss would occur when deleting leaked routes with composite next hop.
1499422 The FPC will go down when 100G link comes up on the network port of the QFX5110-48S device
Product-Group=junos
On the QFX5110-48S device running on Junos 19.3R2-S2, 18.2R3-S3 or 18.2R3-S4, the FPC will go down when the 100G link comes up on the network port. This leads to FPC up and down every 90 seconds. During the problem state running CLI "show chassis fpc detail" will not yield any output for upto 90sec. user@device> show chassis fpc detail. <-------- Empty Once FPC state transition back to online state, the 100G transceivers gets detected and fpc flap is seen again. This behavior is seen continuously as long as 100G transceivers remain connected to the QFX device in question. If 100G interfaces gets disabled from CLI or physically removed from the QFX switch, the FPC flap will no longer be seen. Note: This issue is not applicable when 100G-QSFP is used as a VCP port on QFX5110-48S.
PR Number Synopsis Category: "agentd" software daemon
1455384 Agentd memory may leak and crash when RPD session closing without releasing memory on PTX or MX
Product-Group=junos
On PTX and MX, agentd memory may leak and crash because its memory leaking happens when the internal communication is broken between agentd and rpd.
PR Number Synopsis Category: Border Gateway Protocol
1396344 Processing a large scale as-path regex will cause the flap of the route protocols
Product-Group=junos
When 'as-path-group' is configured under BGP, if a configuration with a large scale as-path regex is committed, the route protocols flap might be seen.
1482551 The rpd might be crashed after BGP peer flapping
Product-Group=junos
On all Junos platforms, with BGP long-lived graceful restart (LLGR) or BGP route dampening configuration, The rpd might be cored after BGP peer flapping. This is a day-1 issue.
1499977 The rpd may crash if the import policy is changed to accept more routes that exceed the teardown function threshold
Product-Group=junos
On all platforms with BGP max-acceptance prefix limit (accepted-prefix-limit with teardown action) configured, the rpd crashes may occur when a policy change causes the number of routes being imported cross the configured threshold value and teardown action is being performed by the router.
PR Number Synopsis Category: MX Platform SW - FRU Management
1463169 The RE switchover may not be triggered when the master CB clock failure
Product-Group=junos
On the specific Junos platforms, the RE switchover may not be triggered when the master CB clock failure is detected. The master CB with faulty clock can't operate normally and this issue may cause fabric plane failure.
PR Number Synopsis Category: Ethernet OAM (LFM)
1454187 The CFM UP MEP session might get stuck in failed state on MX platform
Product-Group=junos
On MX platforms, if CFM UP MEP session is configured on AE interface with LACP and it is over l2vpn/l2circuit service, when AE link flaps due to LACP timeout or LACP state re-initialization or due to any other reason and l2vpn/l2circuit comes back up within CCM timeout, the CFM session might get stuck in failed state.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1498023 The l2ald memory leak may be observed in any EVPN scenario
Product-Group=junos
In any EVPN scenario (for example, active-active multi-homing mode, active-standby multi-homing mode, EVPN-VXLAN, or EVPN-MPLS), the l2ald memory might slowly come up when the local CE device or core face interfaces continuously flap. If the memory of l2ald is exhausted, it causes the l2ald to crash.
1503657 The MAC address of the LT interface might not be installed in the EVPN database
Product-Group=junos
In EVPN-VXLAN (Ethernet Virtual Private Network - Virtual Extensible LAN) scenario if the LT (Logical Tunnel) interface is under the bridge-domain of the EVPN-VXLAN instance, the MAC address of the LT interface might not be installed in the EVPN database. Thus no type-2 EVPN route is generated for the LT interface which results in unnecessary flooding and replication by the remote EVPN peer in the network.
PR Number Synopsis Category: jdhcpd daemon
1431201 The jdhcpd_era log files constantly consume 121M of space out of 170M, resulting into file system full and traffic impact
Product-Group=junos
On EX platforms with service dhcp enabled, the jdhcpd_era log files constantly consume 121M of space out of 170M, resulting into file system full and traffic impact. Memory usage of /var/log/ will reach 100%.
PR Number Synopsis Category: User Firewall related issues
1499090 Don't use capital characters for source-identity when using "show security match-policies" cmd.
Product-Group=junos
When using "show security match-policies" cmd to match a policy with source-identity configured, only the non-capital source-identity name can be matched by policy.
PR Number Synopsis Category: Multiprotocol Label Switching
1467278 The rpd might crash in PCEP for the RSVP-TE scenario
Product-Group=junos
In PCEP (Path Computation Element Protocol) with RSVP Traffic Engineered LSP (TE LSP) scenario, the two LSPs with the same TE LSP name might be shared between Path Computation Element (PCE) and Path Computation Client (PCC) in some rare cases. Then, if the configuration of LSP is delegated from CLI and externally controlled by PCC at the same time, the rpd might be crashed.
PR Number Synopsis Category: Bugs related to ethernet interface on MX platform
1493699 One port on MIC-3D-2XGE-XFP flapping might cause the other port on the same MIC to flap
Product-Group=junos
Due to the code change in PR 1463859, one port on MIC-3D-2XGE-XFP flapping might cause the other port on the same MIC to flap.
PR Number Synopsis Category: MX104 Software - Chassis Daemon
1453893 FPC/PFE crash may happen with ATM MIC installed in the FPC
Product-Group=junos
On MX-Series routers FPC crash (for MX240-MX2020 platforms) or PFE crash (on MX104 platform) may happen when MIC-3D-8OC3-2OC12-ATM is installed and ATM interfaces are configured.
PR Number Synopsis Category: MX10K platform
1415671 "FPC x Voltage Tolerance Exceeded" alarm raised and cleared upon bootup of JNP10K-LC2101
Product-Group=junos
After powering on the MPC "JNP10K-LC2101"chassis we are reading the voltage 1345 mV-1348mV for about ~20 sec and then its getting stabilized to the 1493mV, during this period we are reporting the "FPC x Voltage Tolerance Exceeded" Major alarm
1415671 "FPC x Voltage Tolerance Exceeded" alarm raised and cleared upon bootup of JNP10K-LC2101
Product-Group=junosvae
After powering on the MPC "JNP10K-LC2101"chassis we are reading the voltage 1345 mV-1348mV for about ~20 sec and then its getting stabilized to the 1493mV, during this period we are reporting the "FPC x Voltage Tolerance Exceeded" Major alarm
PR Number Synopsis Category: Kernel Composite Next Hop (composite / l3vpn) Infrastructure
1287956 Not following the guideline of rebooting entire chassis after changing chassis network-services configuration can cause vmcore and crash of FPCs/routing-engines on chassis.
Product-Group=junos
When configuration at hierarchy [edit chassis network-services] is changed a reboot of chassis is needed to avoid any unexpected behavior. One such behaviour is an assest condition due to issues in nexthop allocation leading to vmcore and reboot of FPCs/REs on the chassis. This PR introduces changes to handle such assert conditions gracefully and to avoid FPC/RE crash. The guideline of rebooting the entire chassis when configuration change is made is still valid.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1450093 EX4300 : CLI config "on-disk-failure" is not supported
Product-Group=junos
On an EX4300 switch, the CLI configuration "set chassis routing-engine on-disk-failure disk-failure-action (reboot | halt)" is not supported.
PR Number Synopsis Category: "ifstate" infrastructure
1439906 FPC might reboot if jlock hog occurs on all Junos VM based platforms
Product-Group=junos
On a JUNOS VM using TSC clocking from the host system, "jlock hog" messages may be seen. This may lead to FPCs reboot.
PR Number Synopsis Category: Path computation client daemon
1472825 Manually configured ERO on NS controller lost when PCEP session bounced
Product-Group=junos
On all Junos platform with Path Computation Element Protocol (PCEP) enabled, if PCEP session bounced druing Routing Engine (RE) switchover on a LSP ingress router, unexpacted delete message might be sent from Path Computation Client (PCC) to Path Computation Element (PCE) with North Star (NS) controller. In the end, manually configured explicit route object (ERO) for RSVP-TE based label switched path (LSP) on NS controller will be lost. However, traffic go through ERO set on NS controller is still normal.
PR Number Synopsis Category: vMX Platform Infrastructure related issue tracking
1453967 The VMX might work abnormally in large topology
Product-Group=junos
In a large topology composed by hundreds VMX platforms, some of the VMX platforms might work abnormally, both VCP and VFP might work very slow or become unresponsive. This issue has service/traffic impact.
PR Number Synopsis Category: PTP related issues.
1421811 PTP might not work on MX104 if phy-timestamping is enabled
Product-Group=junos
On MX104 platform with any 2-port license installed on 10G interfaces and phy-timestamping enabled in PTP, PTP might not work.
1451950 FPC core may be seen after changing the configuration of PTP or Synchronous Ethernet.
Product-Group=junos
On the ACX/MX/QFX platform with PTP (Precision Time Protocol)/SyncE (Synchronous Ethernet) enabled, if configuration changes for the PTP/SyncE are combined with multiple events, the FPC core might be seen.
1458581 The "FPC X major errors" alarm may be raised after committing the PTP configuration change
Product-Group=junos
On MX router with MPC5/MPC6/MPC7/MPC8/MPC9/MPC10 installed environment, after committing the PTP configuration change, the "FPC X major errors" alarm may be raised. This issue may cause interface flap and traffic loss.
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1456742 The laser from the 10G SFP+ interface is still on when the interface is disabled or the device is rebooted
Product-Group=junos
On the QFX5210/QFX5110/QFX5100 platform, the laser is still emitting from 10G SFP+ port even though the interface is disabled or the device is rebooted. It will cause the peer's interface is still up and might impact traffic.
PR Number Synopsis Category: QFX Control Plane Kernel related
1421250 A vmcore is seen on QFX VC
Product-Group=junos
On QFX Series Virtual Chassis during shutdown, if an interrupt is received, the system gets into this state and vmcore is observed.
1421250 A vmcore is seen on QFX VC
Product-Group=junosvae
On QFX Series Virtual Chassis during shutdown, if an interrupt is received, the system gets into this state and vmcore is observed.
1457414 The PFE process might crash after RE (routing-engine) switchover on QFX10K platforms
Product-Group=junos
On QFX10K platforms, the PFE process might crash after routing engine (RE) switchover if the device has GRE(Generic Routing Encapsulation) or p2p interface configuration. The issue is due to the internal tokens allocated for GRE or p2p interfaces on master RE are not sent to backup RE. Since these tokens are not available on backup RE, there will be issues post GRES (Graceful Routing Engine Switchover) as the new master will end up creating same tokens as the old master. These tokens are already received by PFE from old master, the PFE will reject the new tokens and may panic.
PR Number Synopsis Category: QFX platform optics related issues
1497947 lcmd core seen on QFX5210064C
Product-Group=junosvae
The LCMD process is the Linux Chassis Management Management Daemon. Due to a bug in the I2C handling in the daemon, a core dump may be seen. There is no specific user-visible trigger for the core dump and you may see several erroneous alarms when the core dump occurs. These should clear after the daemon automatically restarts
PR Number Synopsis Category: QFX PFE Class of Services
1472771 DSCP marking might not work as expected if the fixed classifiers are applied to interfaces on QFX5000/EX4600 platforms
Product-Group=junos
On QFX5000/EX4600 platforms, if the interfaces are configured with the fixed classifiers, when some specific configuration changes are committed, for example, the same forwarding-class is applied to two different interfaces at the same time, and then the forwarding-class for one of the interfaces is changed and committed to a different value, the Differentiated Services code point (DSCP) marking might not be able to work as expected since both physical interfaces are still having the same forwarding-class mapped in the hardware table due to this issue.
PR Number Synopsis Category: QFX L2 PFE
1497993 Traffic might get dropped if AE member interface is deleted/added or a SFP of the AE member interface is unplugged/plugged
Product-Group=junos
On QFX5K/EX46xx platforms, if STP is configured on vlan but the AE interface which is part of that vlan is not configured with STP, after an AE member interface is deleted or a SFP of the AE member interface is unplugged, and when the deleted AE member interface is added back or the unplugged SFP is plugged again, traffic via that AE interface might get dropped. LACP and LLDP traffic are not affected by this issue.
PR Number Synopsis Category: KRT Queue issues within RPD
1501817 Traffic blackhole might be seen in fast-reroute scenario
Product-Group=junos
From Junos release 17.2R1-S8 the session fast-reroute is enabled by default in PFE (Packet Forwarding Engines). In the platform using unilist (one kind of indirect next-hop) as route next hop type for multiple paths scenario (such as BGP PIC or ECMP), if BGP PIC or ECMP-FRR is used, In case of that the version-id of session-id of indirect next-hop (INH) is above 256, PFE might not respond to session update and hence it might cause the session-id permanently to be stuck with the weight of 65535 in PFE. It might lead PFE to have a different view of UNILIST against load-balance selectors. Then, the BGP PIC and the ECMP-FRR might not work properly, the traffic blackhole might be seen.
PR Number Synopsis Category: multicast source distribution protocol
1485206 There might be rpd memory leak in a certain looped MSDP scenario
Product-Group=junos
On all Junos platforms running in the Multicast Source Discovery Protocol (MSDP) scenario, if there are multiple overlapping mesh groups existing in the topology, for example, node A and B belong to mesh group M, node A and D belong to mesh group N, while node B and D belong to a different mesh group O, the Source Active (SA) messages sent from node A might get continously looped due to this issue. This might lead to the rpd memory leak and 100% CPU utilization.
PR Number Synopsis Category: SRX Argon module bugs
1480005 The flowd or srxpfe process might stop when advanced anti-malware service is used.
Product-Group=junos
On all multiple-threads SRX Series devices with Advanced Anti-MalWare service used, in a rare condition that a deadlock might occur among multiple threads, which results in the flowd/srxpfe crash.
PR Number Synopsis Category: Stout PF fabric (SFB2)
1461356 Traffic might be impacted because the fabric hardening is stuck
Product-Group=junos
Fabric hardening (FH) is the process of controlling bandwidth degradation to prevent traffic black hole. When FH is processing, if SFB/SCB get failure, FH process will be stuck, which will get traffic lost.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1496265 "PFEIFD: Could not decode media address with length 0" error messages generated by PFE when subscribers come up over a pseudowire interface.
Product-Group=junos
The error message "PFEIFD: Could not decode media address with length 0" can be observed when subscribers come up over a pseudowire interface, but there is no functional impact.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1488251 MAC learning under bridge-domain stops after MC-LAG interface flap
Product-Group=junos
MAC learning under bridge-domain over MC-LAG interface stops after MC-LAG interface flap
PR Number Synopsis Category: Trio pfe l3 forwarding issues
1341610 Syslog error messages Err] PFEIFD: Could not decode media address with length 0 may be generated by PFE
Product-Group=junos
The error message "PFEIFD: Could not decode media address with length 0" may be observed shortly after commit, but there is no functional impact.
PR Number Synopsis Category: Configuration mgmt, ffp, load-action, commit processing
1468119 Daemons might not be started if "commit" is executed after "commit check"
Product-Group=junos
in Junos OS Release 16.2R1 and later, if "commit" is executed after "commit check", the daemon (for example, dhcpd and sampled) might not get started even after the related configuration is successfully committed.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1465171 Commit script does not apply changes in private mode unless a commit full is performed
Product-Group=junos
Commit script does not apply changes in private mode unless a commit full is performed.
 

18.2R3-S5 - List of Known issues

Removed due to inaccuracy in the source data
Modification History:
2021-04-16 Removed "KNOWN ISSUE" table due to data inaccuracy
2021-02-03 Update to remove PR1469400 from the "KNOWN ISSUE" - The PR was incorrectly documented as not-fixed in this version. However, it was fixed since 18.2R3-S3.
2020-09-18 Update to include a warning about PFE memory leaks when using IRB with VPLS/Bridge-domain
First publication 2020-07-02
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search