Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

20.2R1-S1: Software Release Notification for JUNOS Software Version 20.2R1-S1

0

0

Article ID: TSB17841 TECHNICAL_BULLETINS Last Updated: 17 Aug 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 20.2R1-S1 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 20.2R1-S1 is now available.

20.2R1-S1 - List of Fixed issues

PR Number Synopsis Category: NFX Layer 3 Features Software
1511306 NFX150: ZTP over LTE config commit failed for "operation=create" in xml operations configuration
Product-Group=junos
NFX150: ZTP over LTE config commit failed for "operation=create" in xml operations configuration
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1515835 VMcore observed while running stability test in a multi dimensional scenario.
Product-Group=junos
This is a Stability test performed on a scaled set-up with traffic , involving L2VPN,VPLS,EVPN,L2PT,L3VPN,6PE,6VPE,OSPF etc sessions running. And there are a series of events performed, like interface flap, deactivate/activate all protocols, deactivate/activate L2 circuit ,and then deactivate/activate routing instance. These series of events are performed in a loop and the issue is not seen in the first iteration, it is seen in the subsequent iterations after the step deactivate/activate routing instance.
PR Number Synopsis Category: "agentd" software daemon
1516290 JDI_BBE_REGRESSIONS: Active sensor check is failing while checking show agent sensors |display xml command
Product-Group=junos
Active sensor check is failing while checking show agent sensors |display xml command
PR Number Synopsis Category: Application Quality of Experience related PRs
1513461 CSO 5.1.2 : FLOWD : With CSO SDWAN configuration loaded, FLOWD cores seen while deleting GRE_IPSEC configuration
Product-Group=junos
The flowd_octeon process restarts unexpectedly when deleting a GRE IPSec tunnel.
PR Number Synopsis Category: Border Gateway Protocol
1508888 The rpd might crash on backup RE if BGP (standby) received a route from peer which is rejected due to invalid target community
Product-Group=junos
In L3VPN scenario, the rpd(routing protocol process) on backup RE might crash when BGP(standby) received a VPN route from peer which is rejected due to invalid target community and the BGP standby peer synchronization is not complete yet.
PR Number Synopsis Category: PFE SW evo-pfemand,packet-io on BRCM platforms running EVO
1499009 QFX5220 does not support the following matches which were supported on QFX5200: first-fragment, tcp-established, Is-fragment, and Hop-limit.
Product-Group=junos
QFX5220 does not support the matches that were supported on QFX5200: ? first-fragment ? tcp-established ? Is-fragment ? Hop-limit
PR Number Synopsis Category: MX Platform SW - FRU Management
1502118 The chassisd process may get stuck
Product-Group=junos
On the MX240, MX480, and MX960 platforms Chassisd process can be stalled if there is a front SCBE port malfunction. This front port is only used for Node Slicing systems, please avoid using sfp there in non Node Slicing cases to workaround the issue.
PR Number Synopsis Category: CFM
1518744 There might be memory leak in cfmd if both CFM and inet/IPv4 interfaces are configured
Product-Group=junos
If Connectivity Fault Management (CFM) and inet/IPv4 interfaces are configured, there is memory leak in cfmd when an update event for inet/IPv4 interface (like interface activating) occurs. The memory leak might be outstanding if there are continuous update events on large-scale inet/IPv4 interfaces. The high memory leak issue mostly happens on ACX platform. For other platforms, the leak might be very less.
PR Number Synopsis Category: ChassisD changes specific for DNX series.
1520326 Odin : ACX710 : Alarm port configuration not cleared after deleting the alarm-port.
Product-Group=junos
delete chassis alarm-port will not delete the alarm port configuration and show chassis craft-interface will display the old configuration.
PR Number Synopsis Category: DNX L2 related features
1517074 L2ALD crash is seen during stability test with traffic on scaled set-up.
Product-Group=junos
The L2ALD process on an ACX platform may restart unexpectedly during interface flaps.
PR Number Synopsis Category: Layer 3 forwarding, both v4+v6
1519372 IPV6 neighbor state change causes "Local Outlif" to leak by two values leads to DNX_NH::dnx_nh_tag_ipv4_hw_install errors
Product-Group=junos
On ACX5448/ACX5448-D, PFE memory exhaustion is reported due to continuous IPv6 neighbor flaps.
PR Number Synopsis Category: software upgrade infra issues
1470943 Block unified ISSU commands from the CLI for Junos OS Evolved Release 19.4R1.
Product-Group=junos
Since ISSU is not supported in Junos OS Release 20.2R1 for PTX10008, following commands are removed/blocked from CLI 1. request system software validate-restart 2. Request system software add <> restart 3. show system software add-restart.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1520078 Unable to create a new VTEP interface
Product-Group=junos
In all platforms with VXLAN Static VTEP tunnels scenario (including Static VXLAN without EVPN), after RE switchover or restart of l2-learning, if create a new VTEP interface, the interface may not work.
PR Number Synopsis Category: jdhcpd daemon
1506418 [subscriber_services] [all] JDI_BBE_REGRESSION: DHCPV6 leasequery is not as expected while verifying the DHCPV6 server statistics.
Product-Group=junos
DHCPV6_LEASEQUERY counter may not be as expected in "show dhcpv6 server statistics" output
PR Number Synopsis Category: Firewall Network Address Translation
1525822 NAT: NAT PBA size 1 on all products
Product-Group=junos
To address the customers' requirements, the PBA size should support a minimum of 8 on vSRX2.0 and vSRX3.0. Considering the PBA size range is 1~64k on SRX5k, we enhance the range to 1~64k on all platforms to align the behavior cross products. CLI warning message is provided when PBA size smaller than 64 on low-end products(no srx5k). When the PBA size is small, there may be not enough memory, syslog can be generated if the NAT source pool fails to be created due to memory shortage.
PR Number Synopsis Category: Firewall Policy
1500938 The srxpfe/flowd process might crash due to memory corruption within JDPI
Product-Group=junos
On SRX/MX platforms, if there are any services (e.g. AppID, IDP, APBR and so on) running based on Juniper Deep Packet Inspection (JDPI), when the work load is reaching heavy level, for example, above 50% of max connection per second for Layer 7 security policy, or 30% for IDP, the srxpfe/flowd process might crash due to memory corruption caused by this issue.
1519222 Junos upgrade may encounter failure in certain conditions when enabling Advanced Threat Prevention
Product-Group=junos
On all SRX platforms with Advanced Threat Prevention setup, upgrade to 20.2R1 may encounter failure. This defect could be seen when there is a security policy referencing SecProfiling threat-feeds (Adaptive Threat Profiling) in source-address or destination-address field during the upgrade process.
PR Number Synopsis Category: Multiprotocol Label Switching
1502993 CSPF job might get stalled for new/existing LSP in high scale LSP setup
Product-Group=junos
On all Junos platforms under MPLS-TE scenario with high scale LSPs (e.g., 20K), CSPF job might get stalled for new/existing LSP if some configuration changes (which impacts the rpd process) are done when CSPF job is suspended and pending. TED (Traffic Engineering Database) CSPF (Constrained Shortest Path First) job goes in a state where it is not able to recover till the time rpd process is restarted. This defect could only be observed in 20.2R1 or 20.2R1-EVO release.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1511833 The kernel may crash causing the router or the RE to reboot if making virtual IP related change
Product-Group=junos
On all Junos platforms with VRRP enabled, If delete and add any configuration which involves the virtual IP in the same commit, the kernel might crash. When this happens, the system or the RE will reboot.
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1511155 The QFX10000-36Q line card used on QFX10008/QFX10016 platforms may fail to detect any QSFP
Product-Group=junos
On QFX10008/QFX10016 platforms with QFX10000-36Q line card used, if detecting an ASIC error of the line card, the QSFP might not be detected and then the PIC might be offline.
PR Number Synopsis Category: QFX L2 PFE
1500825 On the QFX5000 switches, ERPS might not work correctly.
Product-Group=junos
On QFX5k platforms, Ethernet ring protection switching (ERPS) might not work correctly due to ERPS instance programming failure in hardware which might cause loop in the network.
PR Number Synopsis Category: KRT Queue issues within RPD
1505769 Traffic flow might be blocked if MTU configured under IFD is greater than MTU configured under IFF
Product-Group=junos
On EVO platforms, if MTU configured under physical interface (IFD) is greater than MTU configured under same interface with family inet or family inet6 (IFF), aftmand might have catastrophic event. In the end, no traffic could be forwarded by aftmand. Please make sure IFD MTU need to be configured with smaller value than IFF MTU.
1514393 cRPD: Assigning an IFL to a VRF may not always work
Product-Group=junos
When physical and logical interfaces are in different network namespaces and only the logical interface is assigned to cRPD, cRPD fails to set the state properly, resulting in the interface state being marked as down by RPD and unable to make use of it for routing.
PR Number Synopsis Category: Bug and Review Tracking for Segment routing traffic eng
1513583 Modifying the segment list of the SR LSP might not work
Product-Group=junos
If "source-packet-routing segment-list" is configured, change in the number of hops might not be able to trigger route change with updated segment list.
PR Number Synopsis Category: security-intelligence feature on SRX
1524284 Adaptive Threat Profiling would stop submitting new IP addresses to a feed after a limit of 10,000 had been reached
Product-Group=junos
Adaptive Threat Profiling would stop submitting new IP addresses to a feed after a limit of 10,000 had been reached
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1513321 The wavelength configured via CLI might not be set on SFP+-10G-T-DWDM-ZR optics when the optics is used on MPC7E line card
Product-Group=junos
The code change in PR 1410877 (which is fixed in 19.1R1 19.2R1) broke the wavelength configuration for tunable optics on MPC7E line card. After configuring 'interfaces <> optics-options wavelength' for interfaces using SFP+-10G-T-DWDM-ZR optics on MPC7E line card, the wavelength configured might not take effect on these interfaces.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1500569 Unexpected behaviour during "| display inheritance" when foreground is deactivated
Product-Group=junos
The display of "| display inheritance" is blank when the foreground stanza is deactivated
PR Number Synopsis Category: ZT pfe infra issues
1478540 Interface traffic statistics in CLI command "show interface" may display incorrect values for a LAG with MPC10/MPC11 child links
Product-Group=junos
On an MX series router with MPC10/11 mixing with the other type of MPC cards in a LAG bundle, the "show interface" CLI command might display incorrect traffic statistics. This might be triggered when an MPC10/11 child link is removed from a LAG with child links hosted on other MPC models.
 

20.2R1-S1 - List of Known issues

PR Number Synopsis Category: NFX Layer 3 Features Software
1518939 NFX150 : Observing throughput degradation in RIOT-OVS-Fortigate-OVS-FlowD and RIOT-OVS-FlowD-OVS-Fortigate-OVS-FlowD cases
Product-Group=junos
Observing 29% degradation in 20.2R1 in both downstream and upstream of RIOT-OVS-FlowD-OVS-Fortigate-OVS-FlowD case when comparing 20.2R1 results with 20.1R1. And observing 65% degradation in 20.2R1 in upstream of RIOT-OVS-Fortigate-OVS-FlowD case when comparing 20.2R1 results with 20.1R1.
PR Number Synopsis Category: L2NG bug tracking
1519716 DHCP:ipv6 address not getting assigned from DHCP ip pool
Product-Group=junos
Updaed in 2020.7.2 The issue is not fixed in JUNOS_202_R1.10, and will fix in JUNOS_202_R1_S1. The issue will cause SRX1500 can't send router advertise message out and cause basic IPv6 DHCP issue. Now the root cause is still investigated. But from my test, the issue can't be seen in RELEASE_202_THROTTLE, and the fix code of PR 1511744, 1516274, 1521263 might need be ported to the JUNOS_202_R1_BRANCH.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1483959 [ISSU] JDI ACCESS REGRESSION: ISSU : Traffic loss is observed during unified ISSU upgrade on ACX5048.
Product-Group=junos
The Issue is seen during unified ISSU to Junos OS Release 20.1,20.2,19.4, 19.3 releases on acx5048 The upgrade happens without any issue , but the ports are not being enabled in PFE. As a result, forwarding is affected.
1509402 PFE crash might be seen and the FPC may remain down on ACX710 platform.
Product-Group=junos
On ACX710 platform, the PFE might crash and the FPC may remain down. This issue might occur when the PTP(Precision Time Protocol) is configured and removed, and then the router is rebooted. This issue happens when the DMA in QAX device goes in bad state when host bound PTP traffic is pumped and router rebooted. This causes the router to crash and not come up.
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1453705 On the MX2010 Series routers, the BFD session on the IS-IS step up flaps during the ISSU - FRU upgrade stage.
Product-Group=junos
Bfd session flaps during ISSU only in mpc7e card(Bfd sessions from other cards of DUT to peer routers did not flap during ISSU). Issue is not seen frequently.
PR Number Synopsis Category: BGP Openconfig and Sensor
1512773 RPD might core rarely in case of heavy network churn when telemetry streaming is in progress
Product-Group=junos
There is a small window during BGP neighbor or BGP RIB periodic streaming when the background telemetry job gets suspended, there is a possibility that the node which is being rendered will be deleted/modified. If we are in middle of rendering value for that particular node, RPD might crash when telemetry job resumes since the node is no more valid.
PR Number Synopsis Category: PFE SW evo-pfemand,packet-io on BRCM platforms running EVO
1499009 QFX5220 does not support the following matches which were supported on QFX5200: first-fragment, tcp-established, Is-fragment, and Hop-limit.
Product-Group=junos
QFX5220 does not support the matches that were supported on QFX5200: ? first-fragment ? tcp-established ? Is-fragment ? Hop-limit
PR Number Synopsis Category: PRs related to channelized E1/T1 mic
1474449 Changing the framing modes on a CHE1T1 MIC between E1 and T1 on a MPC3E NG HQoS line card causes the PIC to go offline.
Product-Group=junos
Changing framing modes on a CHE1T1 MIC between E1 and T1 on a MPC3E NG HQoS line card will cause the PIC to go offline.
PR Number Synopsis Category: EVPN ELAN/E-TREE
1498519 ACX710:EVPN:MPLS Traffic BUM failure seen when testing evpn flood group
Product-Group=junos
Ethernet packets with the same MAC address in the source address and the destination address fields are not forwarded.
PR Number Synopsis Category: jdhcpd daemon
1504266 [subscriber_services] [all] JDI_BBE_REGRESSIONS :: DHCP subscribers count is not as expected after sending a LQ/BLQ Trigger after clearing the binding at Relay
Product-Group=junos
Subscriber recovery in relay using LQ/BLQ will fail.
PR Number Synopsis Category: Flow Module
1486903 The flowd/srxpfe process might crash on SRX device when AppID is used.
Product-Group=junos
In HA environment, with heavy traffic over a long period of time, AppID module in SRX can cause core.
PR Number Synopsis Category: JSR Infrastructure
1479156 vSRX may restart unexpectedly
Product-Group=junos
The srxpfe process generates core files when a socket-open error occurs during the initialization phase. Self-healing takes place when the srxpfe reboots and starts processing traffic.
PR Number Synopsis Category: Layer 2 Control Module
1473610 ERP might not come up properly when MSTP and ERP are enabled on the same interface.
Product-Group=junos
When both "Multiple Spanning Tree Protocol " (MSTP) and Ethernet Ring Protection Switching" ERPS are enabled on the same interface, then ERPS does not come up properly.
PR Number Synopsis Category: Multicast for L3VPNs
1520568 HRS with min-rate works fine with Selective Ingress Replication provider-tunnel. Incase of RSVP-TE P2MP as provider-tunnel MBB may happen during network triggers and it may leads to more than ~50ms traffic loss.
Product-Group=junos
HRS with min-rate works fine with Selective Ingress Replication provider-tunnel. Incase of RSVP-TE P2MP as provider-tunnel MBB may happen during network triggers and it may leads to more than ~50ms traffic loss. Here in this particular scenario where RSVP-TE P2MP I-PMSI + S-PMSI provider tunnel is used when we do access-link failure MBB is happening and leading to more than ~3s traffic loss. Even with S-PMSI provider-tunnel also we are seeing the same issue.
PR Number Synopsis Category: QFX EVPN / VxLAN
1510794 QFX5K : EVPN-VXLAN : EVPN-VXLAN : Multicast traffic loss due to few multicast routes missing in Spine node
Product-Group=junos
In an EVPN-VXLAN scenario, multicast traffic may not reach to Spine to form (S,G) in PIM enabled Spines. Issue might happen due to various triggers including multiple rollback of configs on Spine, interface flap, clear bgp.
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1501935 VPN traffic gets black-holed in a cornered L3VPN scenario
Product-Group=junos
in certain corner configuration, where in L3VPN scenario, there are 2 EBGP (1 multihop and 1 single-hop) and 1 IBGP between CE and PE, "equal-external-internal" may not work correctly with L3VPN composite-next-hop knob enabled.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1493723 Traffic loss is observed after ISSU, while enable/disable and activate/deactivate the interface
Product-Group=junos
Traffic loss is observed after ISSU, while enable/disable and activate/deactivate the interface
PR Number Synopsis Category: DDos Support on MX
1464549 With multiple different fixed-sized traffic streams configured at 1000000 fps (40 gbps combined rate) on an aggregated Ethernet0 along with another independent aggregated Ethernet (aggregated Ethernet1, 50 percent line rate 4 streams bi-directional => 118 gbps combined traffic rate) both hosted on a single Packet Forwarding Engine instruction of MPC11E line card, causes small varying packet drops every iteration on the aggregated Ethernet1 on disabling the aggregated Ethernet0. The drops might vary from 200
Product-Group=junos
With multiple different fixed-sized traffic streams configured at 1,000,000 fps (40 Gbps combined rate) on aggregated Ethernet0 along with another independent aggregated Ethernet interface (aggregated Ethernet1, 50 percent line rate 4 streams bidirectional => 118 Gbps combined traffic rate), both hosted on a single Packet Forwarding Engine instruction of an MPC11E line card, small varying packet drops occurs for every iteration on aggregated Ethernet1 on disabling aggregated Ethernet0. The drops might vary from 200 to certain 1000 frames.
PR Number Synopsis Category: VNID L2-forwarding on Trio
1517591 no-arp-suppression was required for MAC learning to happen across the EVPN domain on static VTEP
Product-Group=junos
no-arp-suppression was required for MAC learning to happen across the EVPN domain on static VTEP
PR Number Synopsis Category: ZT pfe l3 forwarding issues
1456816 On the MPC11E line card, the FIB download rates are lower than MPC10E by 30 percent.
Product-Group=junos
MPC11E: Effective FIB download rate of an MPC11E is lower than that of MPC10E by 30% because MPC11E has 8 targeted PFEs while MPC10E has 2-3 targeted PFEs.
1474146 For MPC10E card line, the IS-IS and micro BFD sessions does not come up during baseline.
Product-Group=junos
For the MPC10E card line, the IS-IS and micro-BFD sessions do not come up during baseline.
PR Number Synopsis Category: usf hcm related issues
1520395 AUTO-CORE-PR : JDI BBE REGRESSION : flowd_spc3_mx core found @ msubsc_process_vbf_blob_handler msubsc_process_vbf_gencfg_blob ft_event_process_mp
Product-Group=junos
flowd_spc3_mx core found @ msubsc_process_vbf_blob_handler msubsc_process_vbf_gencfg_blob ft_event_process_mp
PR Number Synopsis Category: usf traffic load balancing relared issues
1499655 After GRES, Some of the Vrirtual Services are not UP.
Product-Group=junos
After GRES, Some of the Vrirtual Services are not UP.
 
Modification History:
First publication 2020-08-17
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search