Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.4R3-S4: Software Release Notification for JUNOS Software Version 18.4R3-S4

0

0

Article ID: TSB17816 TECHNICAL_BULLETINS Last Updated: 05 Oct 2020Version: 5.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 18.4R3-S4 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.4R3-S4 is now available.

18.4R3-S4 - List of Fixed issues
PR Number Synopsis Category: DOT1X
1512724 DOT1XD_AUTH_SESSION_DELETED event is not triggered with single supplicant mode
Product-Group=junos
When a 802.1X session terminates, an event denoting the same was not logged in single supplicant mode. As fix, a new event "DOT1XD_USR_SESSION_DISCONNECTED" is logged consistently whenever a session terminates irrespective of supplicant mode. "DOT1XD_AUTH_SESSION_DELETED" events still get generated too but only for multiple and single-secure supplicant modes (as per design).
PR Number Synopsis Category: EX4300 Platform
1405262 EX4300 : Alarm with removal of PEM (Power supply)
Product-Group=junos
EX4300 : When PEM (Power supply) is removed, Alarm was not generated. With this fix, Alarm will be generated and ALM LED will be illuminated with yellow.
PR Number Synopsis Category: MX10008/16 Platform
1420571 "show chassis power" output status doesn't seem right and there are also similar error messages in the syslog after turn off / on power feed
Product-Group=junos
After changing the power feed(s), either turn off or turn on, show chassis power outputs do not match real condition and there are also incorrect Syslog information recorded.
1420571 "show chassis power" output status doesn't seem right and there are also similar error messages in the syslog after turn off / on power feed
Product-Group=junosvae
After changing the power feed(s), either turn off or turn on, show chassis power outputs do not match real condition and there are also incorrect Syslog information recorded.
PR Number Synopsis Category: QFX PFE CoS
1510365 Traffic might be forwarded to wrong queue when fixed classifier is used
Product-Group=junos
If L2 access or vlan bridge IFL is created after fixed classifier is applied, the traffic matching the fixed classifier might be forwarded in unexpected queue, it might cause congestion unexpectedly hence there is traffic impact.
1510365 Traffic might be forwarded to wrong queue when fixed classifier is used
Product-Group=junosvae
If L2 access or vlan bridge IFL is created after fixed classifier is applied, the traffic matching the fixed classifier might be forwarded in unexpected queue, it might cause congestion unexpectedly hence there is traffic impact.
PR Number Synopsis Category: Border Gateway Protocol
1396344 Processing a large scale as-path regex will cause the flap of the route protocols
Product-Group=junos
When 'as-path-group' is configured under BGP, if a configuration with a large scale as-path regex is committed, the route protocols flap might be seen.
PR Number Synopsis Category: BBE Remote Access Server
1489339 The authd logs events might not be sent to syslog host when destination-override is used
Product-Group=junos
On MX Series platforms, when destination-override is used(root@user# set system tracing destination-override syslog host ), the user access events are not sent to the external syslog server.
PR Number Synopsis Category: dhcpd daemon
1471161 DHCP relay with forward-only might fail to send OFFER messages when DHCP client is terminated on logical tunnel interface
Product-Group=junos
On all Junos platforms, when DHCP relay is configured with forward-only, and DHCP client is terminated on logical tunnel interface that multiple IFLs under this lt- interface have a same VLAN, DHCP relay might fail to send OFFER messages.
PR Number Synopsis Category: Express PFE L2 fwding Features
1352805 QFX10000 platform drops Aruba wireless AP heartbeat packets
Product-Group=junos
QFX10000 platform drops the Aruba wireless access point (AP) heartbeat packets. As a result, the Aruba wireless AP cannot work.
1442587 The PMTUD might not work for both IPv4 and IPv6 if the ingress L3 interface is an irb
Product-Group=junos
Path MTU Discovery (PMTUD) is a standardized technique for determining the maximum transmission unit (MTU) size on the network path between two IP hosts, usually with the goal of avoiding IP fragmentation. On QFX10K platforms, the PMTUD might not work for both IPv4 and IPv6 if the ingress L3 interface is an irb. The corresponding ICMP Fragmentation Needed packet to the sender might be dropped silently, then PMTUD fails. This issue has service impact.
PR Number Synopsis Category: Libjtask for RPD tasks, scheduler, timers, memory, and slip
1401396 The rpd might crash when condition-manager policy is configured for routing table and the same routing table is repeatedly deleted then re-added
Product-Group=junos
The rpd might crash and restart when condition-manager policy is configured for routing table and the same routing table is repeatedly deleted then re-added. The issue is not fixed in 19.2R1, and it is fixed in 17.4R2-S8-J1 17.4R2-S9 18.2X75-D33 19.2R2 19.2R2-EVO 19.3R1 19.3R1-EVO 19.4R1.
PR Number Synopsis Category: Optical Transport Interface
1475777 The interface on MIC3-100G-DWDM might be going down after performing an interface flap
Product-Group=junos
On MX with MIC3-100G-DWDM installed, after performing an interface flap, the interface on 100G DWDM MIC might be going down.
PR Number Synopsis Category: User Firewall related issues
1499090 Don't use capital characters for source-identity when using "show security match-policies" cmd.
Product-Group=junos
When using "show security match-policies" cmd to match a policy with source-identity configured, only the non-capital source-identity name can be matched by policy.
PR Number Synopsis Category: Layer 2 Circuit issues
1512834 The rpd might crash when deleting l2circuit configuration in a specific sequence
Product-Group=junos
If l2circuit local-switching is enabled with connection-protection, the rpd could crash in the following configuration change sequence. 1. First, delete the logical interface (IFL) used by a l2circuit and commit the change. 2. Then, delete the corresponding l2circuit configuration. The rpd could crash after committing the change.
PR Number Synopsis Category: Layer 2 Control Module
1505710 The l2cpd crash might be seen if adding/deleting ERP config and then restart l2cpd
Product-Group=junos
Core files are generated if you add or delete ERP configuration multiple times and restarted l2cpd or rebooted the box. If this issue is happened, l2cpd does not recover again and generates core file continuously.
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1512802 [MX] l2ald memory leak upon addition/deletion of vxlan routing-instances and interfaces
Product-Group=junos
On MX series platforms, l2ald (layer 2 address learning daemon) memory leaks upon addition/deletion of vxlan routing-instances and interfaces.
PR Number Synopsis Category: Label Distribution Protocol
1509578 Activating/Deactivating LDP-sync under OSPF might cause LDP neighborship to go down and stay down
Product-Group=junos
When container-label-switched-path is configured with ldp-tunneling, LDP targeted adjacency may go down and stay down after configuration not related to container-label-switched-path is modified.
PR Number Synopsis Category: PTP related issues.
1421811 PTP might not work on MX104 if phy-timestamping is enabled
Product-Group=junos
On MX104 platform with any 2-port license installed on 10G interfaces and phy-timestamping enabled in PTP, PTP might not work.
1477192 QFX10002-36Q/72Q: Continous Error logs on the device: prds_ptc_wait_adoption_status: PECHIP[1] PTC[1]: timeout on getting adoption valid bit[8] asserted
Product-Group=junosvae
Specific PTP error logs seen on QFX10002-36Q/72Q switch even though there is no PTP configuration on the device. Errors keeps on occurring every 2 to 4 minutes. Error logs could still appear even after Hard reboot.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1387098 Traffic loss may be observed due to switch modular failure on CB
Product-Group=junos
On QFX10008/QFX10016/PTX10008/PTX100016 platforms, traffic loss might be observed because of switch modular failure on the Control Board (CB). This failure further causes all SIBs to be marked as faulty and causes FPCs to restart until Routing Engine switchover occurs.
PR Number Synopsis Category: QFX L2 PFE
1497993 Traffic might get dropped if AE member interface is deleted/added or a SFP of the AE member interface is unplugged/plugged
Product-Group=junos
On QFX5K/EX46xx platforms, if STP is configured on vlan but the AE interface which is part of that vlan is not configured with STP, after an AE member interface is deleted or a SFP of the AE member interface is unplugged, and when the deleted AE member interface is added back or the unplugged SFP is plugged again, traffic via that AE interface might get dropped. LACP and LLDP traffic are not affected by this issue.
1504354 LLDP is not acquired when native-vlan-id and tagged vlan id are the same on a port
Product-Group=junos
LLDP packets are not acquired when native-vlan configured is same as tagged vlan-id.
PR Number Synopsis Category: Resource Reservation Protocol
1434522 Traffic loss might happen if p2mp with NSR enabled
Product-Group=junos
In p2mp with NSR scenario, when the switchover happens, the traffic might be lost due to the correct forwarding states is not synchronized to old Backup RE.
1505834 The rpd process might crash with RSVP configured in a rare timing case
Product-Group=junos
On all Junos platforms running with the Resource Reservation Protocol (RSVP) configured, when some socket error happens, RSVP might be unable to send message, however the counter for sent messages has already been increased due to the software design defect. The wrong counter might lead to the rpd process crash. It's a rare timing issue and it might be more likely to happen in a scaled scenario.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1473288 SNMP trap coldStart agent-address becomes 0.0.0.0.
Product-Group=junos
Agent-address on snmp trap coldStart might not be expected as configured.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1489942 Prolonged flow-control might happen on MX platforms with MS-MPC/MS-MIC
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled.
PR Number Synopsis Category: SFW, CGNAT on MS-MIC/MS-MPC (XLP)
1496211 The B4 might not able to establish the softwire with AFTR
Product-Group=junos
In dual-stack lite (DS-Lite) scenario, if the DS-Lite softwire-initiator (such as B4) and the Address Family Transition Router (AFTR, it acted as softwire-concentrator) is deployed with service-set included multiple softwire-rules, the wrong rule-id might be chosen for the traffic including either normal data packet or Port Control Protocol (PCP) mapping requested from the basic bridging broadband (B4) subscribers. It might cause the failures on the allocation of subscribers and choice of softwire sessions, then the subscribers behind the B4 are unable to establish a softwire (an IPv4-over-IPv6 tunnel) to AFTR.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1503947 MPCs may crash when there is a change on routes learnt on IRB interface configured in VPLS/EVPN instances
Product-Group=junos
On MX platforms, when an IRB interface is configured in VPLS/EVPN instances, MPCs might crash if the routes learnt on the IRB interface change.
PR Number Synopsis Category: V44 Aggregation Device Platforms
1490101 The extended ports on cluster EX4300s always show half-duplex from the Aggregate Device
Product-Group=junos
In Fusion environment, if the satellite device is a cluster EX4300, the Aggregate Device may show the extended ports on the cluster EX4300 working in "Half-Duplex" mode, even though the ports are actually working in "Full-Duplex" mode.
PR Number Synopsis Category: Junos Upgrade
1505864 SRX5k fails to upgrade to some Junos versions directly from 15.1X49 with "ERROR: unsupported h/w"
Product-Group=junos
On SRX5000 series, when upgrading Junos from a 15.1X49 release to specific higher Junos releases, the installation will fail with the message "ERROR: unsupported h/w". Affected target releases are Junos 18.4R3-S2 and 18.4R3-S3.
 

18.4R3-S4 - List of Known issues

PR Number Synopsis Category: PFE L2
1480132 On QFX5100, fxpc CPU utilization is increased after Broadcom SDK upgrade to 6.5.x from 5.3.x
Product-Group=junos
On QFX5100 switches, FXPC CPU utilization is increased due to high number of active ports after third-party (Broadcom ) SDK upgrade to 6.5.x from 5.3.x.
PR Number Synopsis Category: All issues related to L3 data-plane/forwarding
1481987 Multicast traffic loss could be seen in certain conditions while enabling IGMP snooping under EVPN-VXLAN ERB scenario
Product-Group=junos
On QFX5110 & QFX5120 platform, which is running as Layer 3 VxLAN gateway, if "igmp-snooping" is enabled in partial but not for all bridge-domains, multicast traffic loss could be observed in non-igmp snooping bridge-domains.
PR Number Synopsis Category: Miscellaneous PFE on ACX 500,1k,2k,4k,5k series
1407098 High CPU utilization of fxpc process may be observed with class-of-service changes on interfaces
Product-Group=junos
On ACX5048/ACX5096 platforms, when applying COS configurations (schedulers related) on interfaces, the CPU utilization on fxpc process might be seen. And it might affect service.
PR Number Synopsis Category: functionality related to Broadband Remote Access Server
1402653 The subscribers might need to take login retry in the scenario with high usage of the address pool
Product-Group=junos
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login.
PR Number Synopsis Category: EVPN control plane issues
1485377 The ARP entry is gone from kernel after adding and deleting the virtual-gateway-address
Product-Group=junos
On MX/QFX10002/QFX10008/QFX10016 devices within an EVPN-MPLS active-active multi-homing mode, when adding and deleting the virtual-gateway-address, the ARP entry to CE might disappear from the kernel.
PR Number Synopsis Category: Express PFE L2 fwding Features
1446291 On QFX10K platforms removing EVPN-VXLAN L3 Gateway on the IRB interface from spine switches might cause black holing of traffic
Product-Group=junos
On QFX10000 platforms, in an EVPN-VXLAN (spine-leaf) scenario, the QFX10000 spine switches are configured with VXLAN Layer 3 gateway (utilizing the virtual gateway) on an IRB interface. If you enable and then subsequently remove the VXLAN Layer 3 gateway on this IRB interface on one or some of these spine switches, traffic drop might be observed. As a workaround, configure all virtual gateways with unique IPv4 or IPv6 MAC address.
PR Number Synopsis Category: Express pfe Mclag
1464409 Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence
Product-Group=junos
Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence
PR Number Synopsis Category: Libjtask and RPD's tasks, scheduler, timers,memory, and slip
1456611 MPLS Statistics file not rolling over / rotating and keeps on growing indefinitely
Product-Group=junos
With 64-bit RPD running with MPLS statistics configured, the MPLS statistics file is not rotating/rolling over as per the configured file size limit and the logs continue to be written to a single file continuously. user@router1> show configuration protocols mpls statistics { file mpls.statistics size 10m files 10; interval 60; } user@router1> file list /var/log/mpls* detail -rw-r----- 1 root wheel 1146845922 Aug 14 01:34 /var/log/mpls.statistics <<<<< 10MB This issue is specific to 64-bit RPD. To check if RPD is running in 32-bit or 64-bit, use the "show system processes | match rpd" command: The output should contain `/usr/libexec64/rpd' for 64-bit mode and for 32-bit mode, it should contain `/usr/sbin/rpd'
PR Number Synopsis Category: Firewall Policy
1500938 The srxpfe/flowd process might crash due to memory corruption within JDPI
Product-Group=junos
On SRX/MX platforms, if there are any services (e.g. AppID, IDP, APBR and so on) running based on Juniper Deep Packet Inspection (JDPI), when the work load is reaching heavy level, for example, above 50% of max connection per second for Layer 7 security policy, or 30% for IDP, the srxpfe/flowd process might crash due to memory corruption caused by this issue.
PR Number Synopsis Category: Layer 2 Control Module
1473610 ERP might not come up properly when MSTP and ERP are enabled on the same interface.
Product-Group=junos
When both MSTP and ERP are enabled on the same interface, then ERP does not come up properly.
PR Number Synopsis Category: l2 forwarding on non atlas platforms
1505976 VRRPv6 might not work in EVPN scenario
Product-Group=junos
In EVPN scenario with VRRPv6 used, the ethernet source mac address might be used for IPv6 mac-ip binding when the NA is sent from VRRPv6 master, as this unexpected behavior is triggered on regular intervals, it causes the entries to keep refreshing in EVPN database because NS from VRRPv6 master changes the mac-ip binding. Hence it has traffic impact.
PR Number Synopsis Category: MX104 Software - Chassis Daemon
1453893 FPC/PFE crash may happen with ATM MIC installed in the FPC
Product-Group=junos
FPC crash on MX240 and MX2020 routers or Packet Forwarding Engine crash on MX104 routers might happen when the MIC-3D-8OC3-2OC12-ATM is installed and ATM interface is configured.
PR Number Synopsis Category: Kernel-only Base FreeBSD Infrastructure
1450093 EX4300 : CLI config "on-disk-failure" is not supported
Product-Group=junos
On an EX4300 switch, the CLI configuration "set chassis routing-engine on-disk-failure disk-failure-action (reboot | halt)" is not supported.
1510224 Issuing the CLI command "request system zeroize" or upgrade on EX2300 may cause the console unresponsive
Product-Group=junos
Issuing the CLI command "request system zeroize" or upgrade on EX2300 may cause the console unresponsive.
PR Number Synopsis Category: Kernel Stats Infrastructure
1462986 Slow response from SNMP might be observed after an upgrade to Junos OS Release 19.2R1 and later.
Product-Group=junos
Slow response introduced with PR/1411303 fix, is getting resolved with this PR.
PR Number Synopsis Category: PRs for PTP related issues.
1507782 CLI knob to configure announce-interval as -3 so that the announce messages rate will be set to 8pps
Product-Group=junos
In PTP environment some vendor devices acting as slave expecting announce messages at an interval of -3 (8pps) from upstream master device. As of today announce message are configurable in range of 0 to 3. To support the above requirement engineering provided a hidden cli knob "set protocol ptp master announce-interval -3". In the networks/design where we have this requirement we can configure the hidden cli otherwise regular cli which is in the range (0 to 3) can be configurable. Both the cli knobs are mutually exclusive, commit error is expected if both are configured. This new change is applicable to ACX platforms only excluding ACX5k.
PR Number Synopsis Category: QFX ISSU Infrastructure
1490799 After ISSU/ISSR, a port using SR4/LR4 optics may not come up
Product-Group=junos
On QFX5100/5200 platforms, a port using SR4/LR4 optics might not come up after ISSU (In-Service Software Upgrade)/ISSR (In-Service Software Reboot).
PR Number Synopsis Category: PFE L2
1500825 The ERPS might not work correctly on QFX5k
Product-Group=junos
On QFX5k platforms, Ethernet ring protection switching (ERPS) might not work correctly due to ERPS instance programming failure in hardware which might cause loop in the network.
1515254 On QFX5000 and EX46xx with VXLAN enabled , ARP request may get dropped if storm control is configured
Product-Group=junos
ARP request get dropped on QFX5000 and EX46xx devices when all of the following condition are met. 1.Storm control is enabled on any of the port. 2.VXLAN is enabled 3.Arp-suppression is enabled.
PR Number Synopsis Category: Resource Reservation Protocol
1458527 RSVP interface bandwidth calculation might be incorrect when RSVP subscription percentage is configured under RSVP interface
Product-Group=junos
When setting LSP bandwidth constraint and signaling LSP, the remaining bandwidth can be less than the expected one like in the below example. It is not allowing further reservation through this link. user@device> show rsvp interface RSVP interface: 2 active Active Subscr- Static Available Reserved Highwater Interface State resv iption BW BW BW mark et-0/1/0.0 Up 1 90% 100Gbps 4.99999Gbps 85Gbps 90Gbps <<<<<< So if trying to signal a new LSP with bandwidth 5G through this link it will fail.
PR Number Synopsis Category: Interface Issues seen on Stout cards (MPC7, MPC8, MPC9)
1513321 Tunable params wavelength set via the cli configuration is not set on SFP+-10G-T-DWDM-ZR optics when the optics is placecd on MPC7E 3D 40XGE line card.
Product-Group=junos
Tunable params wavelength set via the cli configuration is not set on SFP+-10G-T-DWDM-ZR optics when the optics is placecd on MPC7E 3D 40XGE line card.
PR Number Synopsis Category: Stout cards (MPC8, MPC9) fabric issues
1395591 MPC9E throughput degradation after offline SFB2 on MX2008
Product-Group=junos
On MX2008 routers with MPC9E, in a line rate traffic with a redundant SFB2 scenario, if you offline one redundant SFB2, there might be tail or sometimes WRED drops in MPC9E, resulting in partial traffic loss. Under normal circumstances, the SFBs should be auto-failover if one of them fails, and there should be only a few packets dropped momentarily.
PR Number Synopsis Category: Issues related to mgd, DAX API, DDL/ODL infrastructure, Juno
991081 The configuration change on Backup RE cannot be synchronized while deleting inactivated interfaces/routing-instances from master
Product-Group=junos
In the dual Routing Engine scenario, the backup Routing Engine does not sync up the configuration change while deleting an inactivated interface/routing-instances from the master. So after the operation, the inactivated interface/routing-instances still exists on the backup Routing Engine.

Modification History:
2020-07-05 - First publication
2020-07-14 - Added SRX PR1505864 to the 18.4R3-S4 List of Fixed issues
2020-07-15 - Updated the content of "Known" issues. Previous logic incorrectly identified issues which is not applicable to the releases as "Open"
2020-10-05 - Updated the content of "Known" issues. Removed PR1468119 from the known issue since it was incorrectly marked as "not-fixed" in the database.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search