Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

19.4R2-S2-EVO: Software Release Notification for JUNOS Software Version 19.4R2-S2-EVO

0

0

Article ID: TSB17819 TECHNICAL_BULLETINS Last Updated: 08 Jul 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
PTX10003 QFX5220
Alert Description:
Junos Software Service Release version 19.4R2-S2-EVO is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 19.4R2-S2-EVO is now available.

19.4R2-S2-EVO - List of Fixed issues

PR Number Synopsis Category: Border Gateway Protocol
1502327 Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet (CVE-2020-1648)
Product-Group=evo
On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. Refer to https://kb.juniper.net/JSA11035 for more information.
PR Number Synopsis Category: EVO Class of Services
1500722 CoS interface bind - interface name.
Product-Group=evo
On a system running Junos Evolved, class of service configuration does not bind to the intended interfaces when using interfaces' wildcard matching -- such as "et-0/*/*" Use explicit "set class-of-service interface ..." config per-interface without using wildcards if the config is required per FPC/per PIC.
PR Number Synopsis Category: EVO Netstack FIB Service Daemon
1487437 fibd daemon crashes and generates a core file.
Product-Group=evo
Under high load, ppmd and fibd may interact in a way that causes fibd to crash and generate a core file. On a dual routing engine system, this crash triggers a fibd failover. All processes requiring network services that were connected to the crashed fibd will reconnect to the backup fibd running on the other routing engine, and should continue to function normally.
PR Number Synopsis Category: Firewall related development
1492061 Some unexpected behaviors might be seen when an empty prefix-list is configured in a filter term as match-condition
Product-Group=evo
On Evo-based platforms, when a prefix list (does not have any prefixes) is configured in a filter term as match-condition, it does not work as expected. It might affect the service which uses the filter term. In detail, if a filter term refers to prefix list as match-condition and the prefix list does not have any prefixes (directly configured or inherited through apply-path) in it, then such match-condition should be treated as "Match none" and none of the packets should hit that term. However, it might be treated as "Match any" in the code and the term might get hit if the packet satisfies other match conditions in the term.
PR Number Synopsis Category: Issues related to debug utilties - objmon,objshell/Dashboard
1438094 [JUNOS-EVOLVED CHANGES] Utility: Differences in xml tags for "show system uptime"
Product-Group=evo
There are differences in XML tags for "show system uptime" compared to Junos.
PR Number Synopsis Category: SNMP, mib2d issues
1514156 SNMP response packets have [DF] Don't fragment flag set by default in routers running affected JUNOS-EVOLVED release.
Product-Group=evo
SNMP response packets have [DF] Don't fragment flag set by default.
PR Number Synopsis Category: Express PFE MPLS Features
1498949 Traceroute in an MPLS network might not show the complete path.
Product-Group=evo
The result of traceroute in an MPLS network may not show the complete path.
PR Number Synopsis Category: Issues related to control plane security
1467467 SSH service is unresponsive after setting system services ssh key-exchange dh-group1-sha1.
Product-Group=evo
When the SSH service is configured with certain key-exchange algorithms, the SSH server becomes unresponsive. For example: set system services ssh key-exchange dh-group1-sha1.
PR Number Synopsis Category: Express ZX PFE L3 Features
1505150 A packetio core may occur on a rare occasion during the initialization after system reboot and this may result in a second reboot.
Product-Group=evo
A packetio core may occur on a rare occasion during the initialization after system reboot and this may result in a second reboot.
 

19.4R2-S2-EVO - List of Known issues

PR Number Synopsis Category: HW Board, FPGA, CPLD issues
1491803 Failed to start MGD initialization of schema and database while upgrade from Junos OS Evolved 19.3R2.1 to 19.4-202002240046.0-EVO ]: mgd-init service fails due to clksyncd failure.
Product-Group=evo
A QFX5220 may fail during an upgrade from 19.3R2.1 to 19.4-202002240046.0-EVO or later release due to "clksyncd" failure.
PR Number Synopsis Category: "agentd" software daemon
1470872 xmlproxyd binding queue complete-deleted anomalies seen for the type net::juniper::config::services::agent.
Product-Group=evo
This can happen in negative test cases. When customer installs a yang package then configures a sensor and then deletes the yang package before deleting the sensor.
PR Number Synopsis Category: PTX10003 Platform Resiliency
1499291 CRC errors on Interface may result in Cmerror and ASIC errors in logs.
Product-Group=evo
CRC errors on an interface might result in Cmerror and ASIC errors in logs.
PR Number Synopsis Category: software upgrade infra issues
1495655 Block software upgrade when image that is not compatible with the platform is used.
Product-Group=evo
Junos Evolved software upgrade process does not detect an Image's incompatibility for a platform. For example, we don't report an incompatibility when trying to use an image for PTX10003-EVO on a PTX10008-EVO and vice versa. The system ends up with an incompatible image and needs to boot from snapshot to recover.
PR Number Synopsis Category: EVO L2 Control Plane PRs
1457825 The switch-options configuration not available on lean rpd images.
Product-Group=evo
switch-options config not available on lean RPD images
PR Number Synopsis Category: EVO linux defects & enhancement requests
1482363 EVO: Telnet login related issue with Template (TACACS & Radius)
Product-Group=evo
When a TACACS user or a RADIUS user logs in through Telnet, the username displayed in login prompt, show cli authorization output, show system users output, and accounting logs is template username and not the actual username of the logged-in user. The issue here is a display issue where the username displayed will be the template username instead of the actual logged -in username, but there is no functional issue. The problem is specific to Telnet and when the user logs in through SSH, the actual logged-in username is displayed.
PR Number Synopsis Category: Configd, ffp issues
1492765 Delay in deleting PrefixListConfig objects after switching between base config and scale config multiple times
Product-Group=evo
When changing the configuration between scale configuration and configuration containing no filter or apply-path, sometimes there is a delay in deleting the apply-path addresses.
PR Number Synopsis Category: Express PFE FW Features
1492708 [firewall] [filter_installation] EVO: Filter having apply-patha as match condition is not hit correctly after attaching to ae interface
Product-Group=evo
When ipv6 filter is applied to ae interface after an empty config and the filter has prefix-list match-condition having apply-path, transit traffic does not pass through
1495118 PTX10003: Offline/Online of FPCs is not fully supported
Product-Group=evo
Offline/Online FPC feature is not fully supported on PTX10003 series. We can still do offline, but for bringing FPC or the associated ports back online requires a reboot of system. It is recommended we do not use FPC offline/online this feature is completely supported. It was also seen in some cases with scale configurations and heavy churn in system, off-lining an FPC were disabling packet forwarding on other FPCs as well. To recover, system reboot the system.
PR Number Synopsis Category: Resource Reservation Protocol
1501860 When changing the config from WECMP<-->ECMP, traffic is not taking mpls route
Product-Group=evo
on the fly change of wecmp to ecmp and vice versa will not take full effect for all routes using the LSPs until all those LSPs currently signaled with non zero bandwidth have gone through at least one of the MBB/clear/disable event, the traffic distribution will not be as expected until all those LSPs finished such transition. the reason is because without any of those triggers, the lsp will not automatically update the its nexthop based on wecmp configuration, nexthop content of each participation LSP will affect the traffic distribution among ECMP paths. the WECMP distribution ratio will not be as expected until the adjustment of all LSPs are finished.
PR Number Synopsis Category: Express PFE L2 fwding Features on ZX platforms
1493132 Brackla L2: Burst of learning events causes linecard Major errors
Product-Group=evo
Learnt MAC's on brackla are transported as Mac learning packets i.e. MLP's towards PFE CPU. When there is burst of learning events, we can land into scenarios where these packets use more bandwidth than pfe's lcpu interfaces supports. We debugged this with ASIC team and they have confirmed that these errors will appear when more traffic is enqueued towards LCPU than it can support. Once MAC's are learnt these errors stop. Also there is no functional impact as such of these errors because TOE ucode would retry with MAC learning packets, if these are dropped anywhere in packet path.
PR Number Synopsis Category: Express ZX PFE L3 Features
1509694 Brackla load balancing - Sometimes Ipv6 src/dst address hash fields are not set by default
Product-Group=evo
IPv4 src/dst and layer4 port(tcp/udp) is enabled by default(when boot up system with no related config knob configured). If user configured above know and delete the knob, the ipv6 hash-key fields may be disabled. If user want to make sure these fields are enabled, it need explicitly config the knob in cli configuration: config knob for explicitly enable ipv4 src/dst: set forwarding-options hash-key family inet layer-3 config knob for explicitly enable ipv4 layer4 port(tcp/udp): set forwarding-options hash-key family inet layer-4
 
Modification History:
First publication 2020-07-08
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search