Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.3R3-S9: Software Release Notification for JUNOS Software Version 17.3R3-S9

0

0

Article ID: TSB17848 TECHNICAL_BULLETINS Last Updated: 24 Sep 2020Version: 2.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, VRR, vMX
Alert Description:
Junos Software Service Release version 17.3R3-S9 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Warning: With VPLS/Bridge-Domain environment, an MX/EX9200 Series router with Trio-based MPCs running software version 17.3R3-S9. The MPCs may experience NH memory leak in the PFEs when using integrated routing and bridging (IRB) interface participating in the VPLS/Bridge-domain instance.

Junos Software service Release version 17.3R3-S9 is now available.

17.3R3-S9 - List of Fixed issues

PR Number Synopsis Category: EX4300 PFE
1456879 The traffic for some VLANs might not be forwarded when vlan-id-list is configured
Product-Group=junos
On EX4300 Series switches, if the vlan-id-list is used on one interface, the traffic for some VLANs under the vlan-id-list might not be forwarded.
1493212 IPv6 neighbor solicitation packets might be dropped in a transit device.
Product-Group=junos
In EX4300 platform with a Layer 2 scenario, IPv6 neighbor solicitation (NS) packets transiting an EX switch might be dropped if there is a firewall filter matching "next-header icmpv6" then "policer xxx with discard action" configured under a loopback interface. That will cause the IPv6 communication going through the EX switch to fail (IPv4 works fine).
PR Number Synopsis Category: EX4300 Platform
1502726 On the EX4300 device, traffic loss might be seen with framing errors or runts if MACsec is configured.
Product-Group=junos
On EX4300 platform with Media Access Control Security (MACsec) configured, if there is high traffic flowing through the MACsec enabled link, increasing framing errors or runts statistics might be seen in the output of "show interfaces extensive <>" for the affected interface. Traffic loss might also happen due to this issue.
PR Number Synopsis Category: QFX Access control list
1499918 Traffic drop might be observed after modifying the FBF firewall filter.
Product-Group=junos
On QFX5000 Series platforms, after making changes in filter-based forwarding (FBF) firewall filter that is configured with multiple terms or different routing instances, traffic drop might be observed.
PR Number Synopsis Category: QFX PFE CoS
1510365 Traffic might be forwarded to the wrong queue when a fixed classifier is used.
Product-Group=junos
If L2 access or vlan bridge IFL is created after fixed classifier is applied, the traffic matching the fixed classifier might be forwarded in unexpected queue, it might cause congestion unexpectedly hence there is traffic impact.
PR Number Synopsis Category: QFX PFE L2
1467466 On the QFX5000 line of switches, few MAC addresses might be missing from the MAC table in the software.
Product-Group=junos
On QFX5k platform, if Packet Forwarding Engine process is restarted manually or device reboot occurs, some MAC address(es) might not be seen on software MAC table but MAC address will be present in hardware table.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1432023 The fxpc core might be seen during the reboot of device on QFX5100/EX4600 switches
Product-Group=junos
On QFX5100 and EX4600 switches, due to Bad Chip ID, an fxpc core filecan be seen during the device reboot. This is due to a transient error related to a chip where vendor tries to get the chip ID and it results in improper info.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1481151 Memory utilization enhancement on ACX platforms
Product-Group=junos
RPD memory chunk size is optimized for ACX platform to reduce the memory foot print.
1482598 ACX AUTHD process memory usage enhancement
Product-Group=junos
The overall memory utilization corresponding to AUTHD process on a system without this fix would be around 15 percent.
1506938 PIC slot may be shut down less than 240 seconds due to the over-temperature start time is handled incorrectly
Product-Group=junos
On ACX1000/2000/4000 platforms, if the temperature in a PIC reaches above over the temperature threshold, the timer is started and the over-temperature start time is stored. If this condition persists for 240 seconds, the PIC slot would be shut down. If the temperature drops before 240 seconds, the timer is stopped and the over-temperature start time is made to zero. But in some cases, when the temperature drops before 240 seconds, the over-temperature start time is not made to zero but stored. In this case, if the same PIC reaches above over the temperature threshold again, the PIC might be shut down before 240 seconds as the 240 seconds delay are not calculated from this event but from the last.
PR Number Synopsis Category: MPC Fusion SW
1463859 The MPC2E-NG or MPC3E-NG card with specific MIC might crash after a high rate of interface flaps.
Product-Group=junos
If any MIC of type MIC-3D-2XGE-XFP / MIC-3D-4XGE-XFP / MIC-3D-20GE-SFP-E / MIC-3D-20GE-SFP-EH / MIC-MACSEC-20GE is installed in MPC2E-NG/MPC3E-NG card, the Microkernel (uKern) might hog for CPU on Packet Forwarding Engine (PFE) when there is a high rate of interface flaps (~30/40 flaps per second). This will eventually trigger the MPC2E-NG/MPC3E-NG card crash with an NGMPC core file. Normally the excessive interface flapping won't happen frequently in the real-world and it may be caused due to the external environment. This fix will reduce the impact and prevent the uKern hog when having such conditions. The fix for this issue causes a regression as documented in TSB17782 and PR1508794 which affects interfaces with "WAN-PHY" framing.
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1448649 Junos OS BFD sessions with authentication flaps occurs after sometime
Product-Group=junos
In the scenario where BFD session authentication is configured, after a certain period of time, BFD sessions flaps may be seen, this will cause the neighbor to be down.
PR Number Synopsis Category: Border Gateway Protocol
1437108 Wrong next hop might be seen when BGP PIC edge is enabled.
Product-Group=junos
On all Junos releases before 19.1R1, when BGP PIC Edge is enabled, the incorrect next-hop might be assigned through BGP update, which will result in the following: 1. The next-hop advertised through BGP can be incorrect. 2. ECMP paths can get replaced with a PIC backup when the egress interface is same for the ECMP paths.
1492743 The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
Product-Group=junos
If the user only sets protocols bgp local-as <> without configuring routing-options autonomous-system <> or having a different autonomous-system number than local-as, the iBGP Route-Reflector (RR) will treat the route-target (RT) routes from iBGP neighbor PEs as an external prefix, and by default, the external peer number is limited to one for a given Route Target, in this case, the Route-Reflector might not reflect L2VPN and L3VPN prefixes to some iBGP clients advertised the same RT prefixes.
PR Number Synopsis Category: MX Platform SW - UI management
1498538 SNMP polling does not show correct PSM jnxOperatingState when one of the PSM Inputs failed
Product-Group=junos
SNMP polling does not show correct PSM jnxOperatingState when one of the PSM Inputs failed or not exists
PR Number Synopsis Category: QFX Access Control related
1515972 "dot1x" memory leak
Product-Group=junos
Memory leak is seen in 'dot1xd' daemon when no 'dot1x' is configured. Memory leak is seen for the allocation while creating socket from 'dot1xd' daemon to 'authd' daemon. If 'authd' is not running , 'dot1xd' daemon tries to connect to 'authd' periodically and every time it was allocating memory for string "/var/run/authd_control" for socket creation. The memory does not free in this scenario and we see memory leak for string "/var/run/authd_control". There will be no service impact to other services/daemons other than dot1x.
PR Number Synopsis Category: EVPN control plane issues
1394803 The process rpd crash may be observed with EVPN type-3 route churn
Product-Group=junos
In an EVPN scenario, rpd may crash with EVPN type-3 route churn due to a race condition (Incorrect sequence of allocating and freeing memory for processing the updates between BGP and EVPN).
1438227 Configuring ESI on a single-homed 25-Gigabit Ethernet port might not work.
Product-Group=junos
In an EVPN scenario, if the 25G interface of Leaf node is configured with an Ethernet Segment Identifier (ESI), and it actually only has a single-homed to reach its peer, that might cause the packets to the peer to be discarded.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1498023 The l2ald memory leakage might be observed in any EVPN scenario.
Product-Group=junos
In any EVPN scenario (for example, active-active multi-homing mode, active-standby multi-homing mode, EVPN-VXLAN, or EVPN-MPLS), the l2ald memory might slowly come up when the local CE device or core face interfaces continuously flap. If the memory of l2ald is exhausted, it causes the l2ald to crash.
1520078 Unable to create a new VTEP interface
Product-Group=junos
In all platforms with VXLAN Static VTEP tunnels scenario (including Static VXLAN without EVPN), after RE switchover or restart of l2-learning, if create a new VTEP interface, the interface may not work.
PR Number Synopsis Category: Kernel software for AE/AS/Container
1425211 Interface with FEC disabled might flap after Routing Engine mastership switchover.
Product-Group=junos
By default, RS-FEC (Reed-Solomon Forward Error Correction) is enabled for 100G SR4/PSM4 optics and disabled for 100G LR4 optics. The "set interfaces xx gigether-options fec" knob was introduced in Junos OS Release 16.1R1, it can be used to override the default behavior and explicitly enable/disable FEC for a 100G interface. In GRES scenario, when a 100G interface with SR4/PSM4 optics (e.g. QSFP-100GBASE-SR4/QSFP-100G-PSM4) is a member of an AE interface, and FEC is disabled on AE (knob "gigether-options fec none" is configured), the interface might flap during RE mastership switchover. After that, the interface will come up itself and this issue will recover automatically.
PR Number Synopsis Category: Layer 2 Circuit issues
1511783 The rpd might crash after removing the last interface configured under the l2circuit neighbor
Product-Group=junos
On all Junos platforms, rpd crash may be observed after removing the last interface configured under the l2circuit neighbor which is in fact active.
1512834 The rpd might crash when deleting l2circuit configuration in a specific sequence
Product-Group=junos
If l2circuit local-switching is enabled with connection-protection, the rpd could crash in the following configuration change sequence. 1. First, delete the logical interface (IFL) used by a l2circuit and commit the change. 2. Then, delete the corresponding l2circuit configuration. The rpd could crash after committing the change.
PR Number Synopsis Category: Layer 2 Control Module
1505710 The l2cpd crash might be seen if the ERP configuration is added or removed, and l2cpd is restarted.
Product-Group=junos
Core files are generated if you add or delete ERP configuration multiple times and restarted l2cpd or rebooted the box. If this issue is happened, l2cpd does not recover again and generates core file continuously.
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1512802 Memory leak on l2ald might be seen when adding/deleting the routing-instances/bridge-domains configuration
Product-Group=junos
Memory leak on l2ald might be seen when adding/deleting the routing-instances/bridge-domains configuration.
PR Number Synopsis Category: Label Distribution Protocol
1517667 SNMP Trap is sent with incorrect OID jnxSpSvcSetZoneEntered
Product-Group=junos
SNMP trap is sent with incorrect OID(jnxSpSvcSetZoneEntered) while sending trap for mplsMldpFecUp
PR Number Synopsis Category: Multiprotocol Label Switching
1445024 An rpd memory leak might be seen when the interdomain RSVP LSP is in the down state.
Product-Group=junos
In interdomain RSVP label-switched path (LSP) scenario, an rpd memory leak might be seen when the Constrained Shortest Path First (CSPF) tries to recompute the path for the "down" LSP that is due to no route or ERO is incorrectly configured. The issue might lead to rpd crash when the rpd is out of memory and results in traffic loss.
PR Number Synopsis Category: Bugs related to ethernet interface on MX platform
1435221 MicroBFD 3x100ms flap is seen upon inserting a QSFP in another port.
Product-Group=junos
Micro BFD/LFMD sessions with timer configured with less than 3x500ms (such as 3x100ms) might flap when a QSFP transceiver is inserted into another port.
PR Number Synopsis Category: MX104 Software - Chassis Daemon
1453893 FPC/PFE crash may happen with ATM MIC installed in the FPC
Product-Group=junos
FPC crash on MX240 and MX2020 routers or Packet Forwarding Engine crash on MX104 routers might happen when the MIC-3D-8OC3-2OC12-ATM is installed and ATM interface is configured.
PR Number Synopsis Category: Kernel Stats Infrastructure
1411303 SNMP OID IFOutDiscards not updated when drops increasing
Product-Group=junos
When interface drop happens on interface, the SNMP OID IfOutDiscars might not be updated until a new "show interface extensive" cli command issued.
1462986 Slow Response from SNMP might be observed after an upgrade to Junos OS Release 19.2R1.
Product-Group=junos
Slow response introduced with PR/1411303 fix, is getting resolved with this PR.
1508442 SNMP poling may return unexpectedly high value of ifHCOutOctets counter for physical interface when any jnxDom OID is processed at the same time
Product-Group=junos
When actual transmitted load is configured for interface as: set interfaces interface-transmit-statistics And ifHCOutOctets OID is polling together with any jnxDom OIDs for the same interface with time interval between pollings equal or less then one second, the resulted value of ifHCOutOctets may be unexpectedly high
PR Number Synopsis Category: OSPF routing protocol
1489637 The rpd crashes when reset OSPF neighbours
Product-Group=junos
On all Junos platforms, if more than one million routes are installed into Open Shortest Path First (OSPF) routing table, also, either Nonstop Active Routing (NSR) or Graceful Routing Engine Switchover (GRES) with warm standby is enabled, rpd might crash on backup routing engine (RE) when OSPF neighbors are reset. This is a scaled issue. This issue could be recovered after rpd on backup RE self-restart.
PR Number Synopsis Category: Used for tracking OVSDB software issues and features
1518807 The vgd core might get generated when OVSDB server resarts
Product-Group=junos
On all Junos platforms that support OVSDB (Open vSwitch database), the vgd core might get generated when the OVSDB server is restarted. The vgd daemon restart after the core might cause traffic impact. This issue happens when OVSDB server is disconnected and the device (switch/router) sends some updates events to server.
PR Number Synopsis Category: Path computation client daemon
1472825 Manually configured ERO on NS controller lost when PCEP session bounced
Product-Group=junos
On all Junos platform with Path Computation Element Protocol (PCEP) enabled, if PCEP session bounced druing Routing Engine (RE) switchover on a LSP ingress router, unexpacted delete message might be sent from Path Computation Client (PCC) to Path Computation Element (PCE) with North Star (NS) controller. In the end, manually configured explicit route object (ERO) for RSVP-TE based label switched path (LSP) on NS controller will be lost. However, traffic go through ERO set on NS controller is still normal.
PR Number Synopsis Category: PPPoE functional plugin for bbe-smgd
1479099 PPPoE subscribers might not all login after FPC restart
Product-Group=junos
On MX platforms with PPPoE subscriber scenario, the system may not allow all subscribers to login after FPC restart.
PR Number Synopsis Category: PTP related issues.
1451950 RMPC core files are found after the configuration changes are done on the network for PTP or clock synchronization.
Product-Group=junos
On the ACX/MX/QFX platform with PTP (Precision Time Protocol)/SyncE (Synchronous Ethernet) enabled, if configuration changes for the PTP/SyncE are combined with multiple events, the FPC core might be seen.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1465302 The physical interface of aggregated Ethernet might take time to come up after disabling or enabling the interface
Product-Group=junos
On Junos platforms, the physical interface of AE might come up after a long delay (4 mins) if there are millions of bgp routes learnt on the device. This delay is happening because PFE Manager thread is busy processing the routing updates from RE. These routing updates are the result of AE interface going down at the first step of disabling the interface.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1387098 Traffic loss may be observed due to switch modular failure on CB
Product-Group=junos
On QFX10008/QFX10016/PTX10008/PTX100016 platforms, traffic loss might be observed because of switch modular failure on the Control Board (CB). This failure further causes all SIBs to be marked as faulty and causes FPCs to restart until Routing Engine switchover occurs.
PR Number Synopsis Category: QFX PFE Class of Services
1472771 On the EX4600 device, DSCP marking might not work as expected if the fixed classifiers are applied to interfaces.
Product-Group=junos
On QFX5000/EX4600 platforms, if the interfaces are configured with the fixed classifiers, when some specific configuration changes are committed, for example, the same forwarding-class is applied to two different interfaces at the same time, and then the forwarding-class for one of the interfaces is changed and committed to a different value, the Differentiated Services code point (DSCP) marking might not be able to work as expected since both physical interfaces are still having the same forwarding-class mapped in the hardware table due to this issue.
PR Number Synopsis Category: QFX L2 PFE
1504354 LLDP is not acquired when native-vlan-id and tagged VLAN-ID are the same on a port.
Product-Group=junos
On QFX5000 platforms running with Link Layer Discovery Protocol (LLDP) configured, if the interface has both native-vlan-id and vlan-id configured, and the native-vlan-id and vlan-id have the same value, LLDP neighborship might be unable to setup on that particular interface due to this issue.
PR Number Synopsis Category: QFX EVPN / VxLAN
1463939 JDI-RCT : QFX 5100 VC/VCF : Observing Error BRCM-VIRTUAL,brcm_vxlan_walk_svp(),6916:Failed to find L2-iff for ifl: while cleanup Evpan-VxLAN configs with Mini-PDT base configurations
Product-Group=junos
On QFX5100, Error BRCM-VIRTUAL,brcm_vxlan_walk_svp(),6916:Failed to find L2-iff for ifl: may come while cleanup Evpn-VxLAN configs. These are harmless messages.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1415077 Dynamic routing protocol flapping with VM host Routing Engine switchover on NG-RE.
Product-Group=junos
In NG-RE dual RE platform, some commands for RE switchover might lead process rpd to go down/up, due to a delay that makes the process chassisd fail to update its status of mastership promptly. As the mastership status the chassisd governs determines which action the process rpd needs to take the next, if RE is rebooted and the chassisd mastership state is RE-Master then, in that case, rpd clears all the kernel states; and if chassisd mastership state for that RE is RE-Backup, then rpd just quits silently and restarts again in backup mode without any kernel states being cleaned. So that rpd cleanup of kernel states causes this issue.
1507638 On all JUNOS dual-RE GRES/NSR enabled routers, RPD might crash on a new master RE (Routing Engine) if RE switchover happened right after massive routing-instances deletion
Product-Group=junos
If GRES and NSR are enabled at a dual-RE router and if RE switchover happens (either manually or due to some other reasons) right after deleting a big number of routing instances, then RPD at a new master RE could crash once. Once a new master RPD crashed, it will restart by itself.
PR Number Synopsis Category: Resource Reservation Protocol
1505834 The rpd process might crash with RSVP configured in a rare timing case
Product-Group=junos
On all Junos platforms running with the Resource Reservation Protocol (RSVP) configured, when some socket error happens, RSVP might be unable to send messages. However, the counter for sent messages has already been increased due to the software design defect. The wrong counter might lead to the rpd process crash. It's a rare timing issue that might be more likely to happen in a scaled scenario.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1405917 The FPC crash might be observed in MS-MPC HA environment
Product-Group=junos
On MX Series platform with MS-MPC card used, in race condition, if the MS-MPC is used on HA (High Availability) scenario ( the 'set interfaces ms-x/x/x redundancy-options redundancy-peer/redundancy-local' knob and GRES is configured), the FPC might crash due to the bus error (segmentation fault). The reason is that two CPUs simultaneously access the same session-extension memory in the session structure, one for writing, the other for reading. A reading CPU gets an incorrect value and uses that as the memory address. This causes the bus error (segmentation fault).
1489942 Prolonged flow-control might happen on MX platforms with MS-MPC/MS-MIC
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled.
PR Number Synopsis Category: MX10002 RCB/LC Diagnostics defects
1405787 Some error messages (about Voltage read failed) might be seen on MX10K platforms
Product-Group=junos
On MX10003 and an MX10008 platforms, some error messages (about Voltage read failed) might be seen. The reason is that its internal i2c bus may experience congestion. Thus the software may not be able to communicate on the first try. This PR optimizes the retry logic and its reporting.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1401808 FPC core files due to a corner case scenario (race condition between RPF, IP flow).
Product-Group=junos
In a subscriber management deployment where the Reverse-Path-Forwarding (RPF) check and MAC check is enabled, a race condition might cause software failure and resulted in a Flexible PIC Concentrator (FPC) to restart.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1451559 In EVPN-VXLAN scenario, sometimes host-generated packets gets dropped as hitting reject route in Packet Forwarding Engine.
Product-Group=junos
The host generated packets might be dropped in the EVPN/VXLAN scenario due to hitting the "reject route" policy in PFE.
PR Number Synopsis Category: Trio pfe microcode software
1409626 On all the EX9200 line of switches, MX Series routers, and T4000, LACP DDoS policer is incorrectly triggered by other protocols traffic.
Product-Group=junos
DDOS policer for LLDP/MVRP/Provider MVRP/dot1X is incorrectly identified as LACP DDOS violation on the EX9200 line of switches, MX Series routers, and T4000 devices. This issue can appear whenever there is an overflow of traffic from any of these protocols that triggers DDOS for LACP rather than the actual protocol.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1455667 The SmiHelperd process is not initialized in the Junos OS PPC Releases.
Product-Group=junos
After Software Upgrade, SNMP MIB Walk does not Poll/Fetch any Information
PR Number Synopsis Category: V44 Satellite Device Infra
1466324 Temperature sensor alarm is seen on EX4300 in Junos Fusion scenario.
Product-Group=junosvae
In Junos Fusion scenario with EX4300 acting as SD, the temperature sensor alarms and logs might be seen as a result of the incorrect temperature reading of about 2-3 degrees lower than the expected. There is no CLI command to clear the alarm and logs.
PR Number Synopsis Category: V44 Aggregation Device Platforms
1490101 The stats of extended ports on satellite device cluster might show wrong values from the aggregation device
Product-Group=junos
In Junos Fusion with satellite device cluster and single aggregation device (AD) deployment, if a satellite device (SD) in the cluster is not directly connected to the AD, the physical interface (IFD) stats of the extended ports on this SD cannot be shown correctly from AD. It is a display issue and does not affect function.
PR Number Synopsis Category: Virtual Router Redundancy Protocol
1506747 Unexpected dual VRRP backup state might happen after performing two subsequent RE switchovers with 'track priority-hold-time' configured
Product-Group=junos
On all Junos platforms with dual REs installed, if 'track priority-hold-time' and 'track interface' are enabled in the same VRRP groups, after performing the second RE switchover in a shorter time than the group 'track priority-hold-time' configured timer after the first RE switchover, it may cause unexpected dual VRRP backup state followed by VRRP master re-election, and the traffic forwarded over VRRP VIP could be affected during this time.
 

17.3R3-S9 - List of Known issues

PR Number Synopsis Category: Software build tools (packaging, makefiles, et. al.)
1464570 mspmand core can be generated at bootup
Product-Group=junos
An mspmand core can be generated when the MS-MPC is booting. This has been mainly seen during an upgrade. The card will reboot and continue with normal operation without manual intervention.
PR Number Synopsis Category: EX9200 Platform
1448368 On the EX9214 device, the following error message are observed after reboot and MACsec-enabled link flaps: errorlib_set_error_log(): err_id(-1718026239).
Product-Group=junos
On the EX9214 device, if the MACsec-enabled link flaps after reboot, the error "errorlib_set_error_log(): err_id(-1718026239)" is observed.
PR Number Synopsis Category: ACX MPLS
1484233 Incorrect TPID set in transit MPLS frames sent on tagged egress interface on ACX
Product-Group=junos
ACX1k/2k/4k before Junos release before 17.4R3-S2.4 , acting as PHP in a MPLS path, with vlan-id configured on core interfaces, TPID is set as unknown for transit MPLS packets. This issue is fixed in 17.4R3-S2.4.
1512821 On a ACX ring topo, after link connection flap between PHP node and Egress PE node, VRF traffic that should be PHP still go out with MPLS and VPN labels
Product-Group=junos
After link connection flap between the PHP node and the egress PE node, the VRF traffic which supposed to PHP and sent only with VPN label out to egress PE, would wrongly tagged with both MPLS label and VPN label.
PR Number Synopsis Category: MPC Fusion SW
1508794 A Regression issue introduced by PR1463859 causing WAN-PHY interface continuously flaps with default hold-time down of 0
Product-Group=junos
PR1463859 introduces a software defect that causes a 10GE interface to flap continuously when configuring with the WAN-PHY framing with the default "hold-down" timer (0). Once upgrading a router to an affected software release, the interface may flap continuously. This is not applicable to an interface with the default framing - LAN-PHY.
PR Number Synopsis Category: Border Gateway Protocol
1403186 All the BGP session flap after RE switchover
Product-Group=junos
With GRES and NSR enabled, if executing RE switchover, BGP session might flap in some scenario. When Junos version have the fix of PR-1440694, BGP session always flap after doing RE switchover.
1447601 On the MX2000 and PTX10000 lines of devices , Layer 3 VPN PE-CE link protection exhibits unexpected behavior.
Product-Group=junos
In L3VPN PE-CE link protection scenario with MX2K/PTX10K platforms, the external and internal BGP (EIBGP) multipath route might be advertised with an unexpected VPN label if IBGP backup path is present. When the backup IBGP path goes away, it will get the correct VPN label like other routes.
1494005 The rpd process generates core file at rt_nh_resolve_add_gen in ../../../../../../../../src/junos/usr.sbin/rpd/lib/rt/rt_resolve_ind.c: with the evpn-dhcp configurations.
Product-Group=junos
In BGP with INH (indirect next-hop) scenario, if using the knob "no-labeled-bgp" to disabled the chained composite next-hops for labeled BGP, the INH might not be created for the transit traffic route when devices handling transit traffic in the network. To create the INH again, it need to re-enable the chained composite next-hops for labeled BGP by removing the knob "no-labeled-bgp" or adding the knob "labeled-bgp", but the rpd resolver might not resolve the INH information as normal since the resolver is not getting ready, it might cause RDP crashed. Then, the routing protocol might be impacted.
PR Number Synopsis Category: BBE Remote Access Server
1402653 Authd reuses addresses too quickly before jdhcpd can completely clean up the old subscriber, which floods the error log; for example: jdhcpd: %USER-3-DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add 10.1.128.3 as it is already used by 1815.
Product-Group=junos
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login.
PR Number Synopsis Category: Virtual-chassis platform/chassisd infrastructure PRs for MX
1428254 syslog "scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments fru_send_msg Global FPC x" is observed after MXVC local or global switchover
Product-Group=junos
syslog "scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments fru_send_msg Global FPC x" is observed after MXVC local or global switchover. The syslog is harmless in this scenario. Junos containing the fix will suppress this type of message.
PR Number Synopsis Category: EA chips SW
1407506 When you use the inline J-Flow application, the FPC crashes and slows the convergence upon HMC fatal error condition.
Product-Group=junos
On MX Series platforms using MPC7E, MPC8E, MPC9E, MX10k-LC2101, or MX10003, when the inline J-Flow application is used, a fatal error on Hybrid Memory Cube (HMC) performs a "disable-pfe" action. Because J-Flow records are hosted on the HMC memory partition, reading and writing to the HMC memory might trigger FPC crash and high FPC CPU utilization, causing slow convergence (adding/deleting routes or next hops) for other Packet Forwarding Engines on the same FPC carrier.
PR Number Synopsis Category: EVPN control plane issues
1506343 Configuring the knob "proxy-macip-advertisement" for EVPN-MPLS leads to functionality breakage
Product-Group=junos
In EVPN-MPLS scenario, with "proxy-macip-advertisement" enabled on IRB, ARP for remote CE on local PE fails might be seen and forwarding-table entry always remains in hold state. The "proxy-macip-advertisement" enable the proxy advertisement feature on a device that can function as a Layer 3 gateway. With this feature enabled, the Layer 3 gateway advertises the MAC and IP routes (MAC+IP type 2 routes) on behalf of Layer 2 VXLAN gateways.
PR Number Synopsis Category: Express PFE L3 Features
1385723 The IPv6 packet might not be routed when IPv6 packet is encapsulated over IPv4 GRE tunnel on QFX10000..
Product-Group=junos
On QFX10002/QFX10008/QFX10016 platforms, the IPv6 traffic might be dropped if the IPv6 over IPv4 Generic Routing Encapsulation (GRE) tunnel is configured because when an Interface family (IFF) member is removed on the Logical interface (IFL), the property of IFL to learn MAC is getting set to NULL which is causing ARP failure.
PR Number Synopsis Category: Express pfe Mclag
1464409 Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence
Product-Group=junos
Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence
PR Number Synopsis Category: Enhanced Broadband Edge support for firewall
1512844 Problem with dual stack PPPoE/DHCPv6 client connections at high scale using enhanced-policer with logical-interface-policer.
Product-Group=junos
Problem with dual stack PPPoE/DHCPv6 client connections at high scale using enhanced-policer with logical-interface-policer. FPC memory resources are exceeded when reaching high subscriber scale with combination of enhanced-policer and logical-interface-policer.
PR Number Synopsis Category: PTX Express ASIC platform
1384435 An enhancement of optimizing the report to the single bit error check
Product-Group=junos
Due to transient hardware condition, single-bit error (SBE) events are corrected and have no operational impact. Reporting of those events had been disabled to prevent alarms and possibly unnecessary hardware replacements. This change applies to all Platforms using Hybrid Memory Controller (HMC).
PR Number Synopsis Category: to track infrastructure replication bugs
1489158 Issue with accessing the Backup RE Management Interface (Em1) from external Network
Product-Group=junos
On QFX10k chassis-based models, it is an expected behavior that backup RE EM1 can't be accessed from external network as per the design. EM0 on backup routing engine works normal and can be accessed from external network.
PR Number Synopsis Category: Optical Transport Interface
1349277 In MX Series Virtual Chassis, flooding of the following error message can be seen with LACP-enabled aggregated Ethernet interfaces on MPC7, MPC8, and MPC9 cards: CHASSISD_CONFIG_ACCESS_ERROR: pic_parse_ifname: Check fpc rnage failed. The error message impacts only DWDM PICs, which does not effect the MPC7, MPC8, and MPC9 cards. Hence, this syslog message can be safely ignored.
Product-Group=junos
In MX Series Virtual Chassis, flooding of the following error message can be seen with LACP-enabled aggregated Ethernet interfaces on MPC7, MPC8, and MPC9 cards: CHASSISD_CONFIG_ACCESS_ERROR: pic_parse_ifname: Check fpc rnage failed. The error message impacts only DWDM PICs, which does not effect the MPC7, MPC8, and MPC9 cards. Hence, this syslog message can be safely ignored.
PR Number Synopsis Category: Key Management Daemon
1421591 IPsec tunnels flapping causes KMD memory leak
Product-Group=junos
KMD leaks memory when DEP (dynamic endpoints) or static IPsec tunnels are flapping or getting re-established. In a scaled scenario this eventually leads to KMD crash due to memory exhaustion.
PR Number Synopsis Category: Layer 2 VPN related issues
1503282 MPLS label manager could allow configuration of a duplicated VPLS static label
Product-Group=junos
On all JUNOS and all Junos EVO platforms, when configuring wrong static label-range or duplicated static labels for l2circuit or LDP-based VPLS, the instance will not be up.
PR Number Synopsis Category: Layer 2 Control Module
1473610 ERP might not come up properly when MSTP and ERP are enabled on the same interface.
Product-Group=junos
When both "Multiple Spanning Tree Protocol " (MSTP) and Ethernet Ring Protection Switching" ERPS are enabled on the same interface, then ERPS does not come up properly.
PR Number Synopsis Category: Multiprotocol Label Switching
1467278 The rpd might crash in PCEP for the RSVP-TE scenario
Product-Group=junos
In PCEP (Path Computation Element Protocol) with RSVP Traffic Engineered LSP (TE LSP) scenario, the two LSPs with the same TE LSP name might be shared between Path Computation Element (PCE) and Path Computation Client (PCC) in some rare cases. Then, if the configuration of LSP is delegated from CLI and externally controlled by PCC at the same time, the rpd might be crashed.
PR Number Synopsis Category: MX104 Software - Chassis Daemon
1103870 High CPU usage and slow response might be seen when using "snmpbulkget" or "snmpbulkwalk" on MX104 platform.On the MX104 platform, when using snmpbulkget or snmpbulkwalk (for example, used by the SNMP server) on a chassisd-related component (for example, jnxOperatingEntry), chassis process (chassisd) high CPU usage and slow response might be seen because of a hardware limitation, which might also lead to a query timeout on the SNMP client. In addition, the issue might not be seen while using an SNMP query f
Product-Group=junos
On the MX104 platform, when using snmpbulkget or snmpbulkwalk (for example, used by the SNMP server) on a chassisd-related component (for example, jnxOperatingEntry), chassis process (chassisd) high CPU usage and slow response might be seen because of a hardware limitation, which might also lead to a query timeout on the SNMP client. In addition, the issue might not be seen while using an SNMP query for interface statistics. As a workaround, to avoid the issue, use either of the following approaches: Use snmpget or snmpwalk instead of snmpbulkget or snmpbulkwalk and include the -t 30 option when doing the SNMP query. For example, snmpget -v2c -c XX -t 30. Use the -t 30 option with snmpbulkget or snmpbulkwalk. For example, snmpbulkget -v2c -c XX -t 30.
PR Number Synopsis Category: Track Mt Rainier RE platform software issues
1386306 The log message of 'kernel: interrupt storm detected on "irq11:"; throttling interrupt source' might be seen when NG-RE is used
Product-Group=junos
With Next Generation Routing Engine (NG-RE), in some race conditions, the following interrupts messages might be seen on master RE: kernel: interrupt storm detected on "irq11:"; throttling interrupt source
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1360444 Error messages might be seen when the system boots up
Product-Group=junos
nfsd not running causing the core to fail to be written to the memory ms22 /etc/mount-re: Mounting 128.0.0.1:/var/tmp/pics on /var/re: mount_nfs failed/timed out Capture below to validate if you see the above logs. root@ms22% mount root@ms22% df -k
PR Number Synopsis Category: "ifstate" infrastructure
1439906 On all Junos OS VM based platforms, FPC might reboot if jlock hog occurs
Product-Group=junos
On a JUNOS VM using TSC clocking from the host system, "jlock hog" messages may be seen. This may lead to FPCs reboot.
PR Number Synopsis Category: Kernel MPLS / Tag / P2MP Infrastructure
1515868 kernel core can be seen when processing labelled packet
Product-Group=junos
When we have labelled packet punted to RE due to ttl expiry, During the processing of this packet, the mpls header is stripped off wrongly, because of which the subsequent code execution frees up the packet. When kernel tried to access this freed packet a vmcore can be seen. This is a rare occurrence and not every labelled packet punted to RE should see this crash. Two internal tracking PR's will address this problem, These PRs will - Correct the mpls header stripping logic - Correct the error handling, so that freed up memory buffers storing this packet aren't accessed. The fix for these went in to 17.3R3-S9
PR Number Synopsis Category: PTP related issues.
1458581 The FPC X major errors alarm might be raised after committing the PTP configuration change.
Product-Group=junos
On MX router with MPC5/MPC6/MPC7/MPC8/MPC9/MPC10 installed environment, after committing the PTP configuration change, the "FPC X major errors" alarm may be raised. This issue may cause interface flap and traffic loss.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1340053 JDISwitchingReg-Interface flap seen as Dcpfe daemon getting restarted when we add pim/ospf/irb related configuration
Product-Group=junos
dcpfe will crash when multicast index is greater than 8191 due to array out of bound access.
PR Number Synopsis Category: Filters
1455177 A firewall filter might not be able to be applied in a particular VC/VCF member as TCAM space running out
Product-Group=junos
On QFX51/EX4300/EX4600 VC/VCF scenario with Vxlan used, when configuring a firewall filter and commit, the firewall filter might not be able to be applied in a particular VC/VCF member for TCAM space running out.
PR Number Synopsis Category: QFX L2 PFE
1500825 On the QFX5000 switches, ERPS might not work correctly.
Product-Group=junos
On QFX5k platforms, Ethernet ring protection switching (ERPS) might not work correctly due to ERPS instance programming failure in hardware which might cause loop in the network.
PR Number Synopsis Category: QFX VC Infrastructure
1390226 The memory usage of processes increases significantly between Junos OS Release 14.1X53-Dxx to Junos OS Release 17.x.
Product-Group=junos
In Junos OS, most daemons underwent architectural change in transition from Junos OS Release 14.1X53 to Junos OS Release 17.X (4 years) and many new features were added. These changes caused an increase in memory footprint in Junos OS Release 17.X compared to Junos OS Release 14.1X53. Unless we see system instability or any adverse performance impact, or a daemon crash due to low memory, this increased memory footprint should not be an issue, and functionality should work fine. The increased memory footprint is a Junos OS property not specific to QFX5K.
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1242589 In a BGP or MPLS scenario, changing events about the next hop interface MPLS family might cause the route to be in the Dead state
Product-Group=junos
In a BGP or MPLS scenario, if the next hop type of label route is indirect, then the following changing events about the next hop interface MPLS family might cause the route to be in the Dead state, and the route remains in that state even when the family MPLS is again activated: Deactivating and activating the interface family mpls. Deleting and adding back the interface family mpls. Changing maximum labels for the interface. When a labelled route is resolved over an interface, that interface must have family mpls configured for the route to be successfully resolved. Otherwise, the route does not get resolved.
PR Number Synopsis Category: Sangria Platform including chassisd, RE, CB, power managemen
1091879 FPC go down with "Button Press" message in the logs.
Product-Group=junos
Issue happened because of FPC has a bad membrane which is susceptible to fan speeds and can cause a button press event. To avoid this work-around has given as set cmd "set chassis fpc x button-events-disable" and even if interrupt happens FPC will not go offline.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1441816 Egress stream flush failure and traffic black hole might occur.
Product-Group=junos
Egress stream flush failure and silent dropping of traffic could occur in a rare occasion for a repeatedly flapping link on MPC7E, MPC8E, MPC9E cards, MX204 and MX10003.
PR Number Synopsis Category: Stout PF fabric (SFB2)
1363587 On the MX2010 and MX2020 routers equipped with SFB2, some error logs might be seen.
Product-Group=junos
On MX2010/MX2020 routers equipped with SFB2 (Switch Fabric Board 2), some error messages could be occasionally seen in the logs. There is no operational impact nor an indication of a real issue caused by these messages.
PR Number Synopsis Category: Trio pfe stateless firewall software
1454257 The MPC might drop packets after you enable the firewall fast lookup filter.
Product-Group=junos
On the MX routers with MPC2E-NG/MPC3E-NG/MPC5E/MPC6E/MPC7E/MPC8E/MPC9E installed, when the firewall FLT (fast lookup filter) configured on the interface which belongs to these type MPCs, due to the FLT memory parity error, it may cause that MPC to drop packets.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
991081 The configuration change on Backup RE cannot be synchronized while deleting inactivated interfaces/routing-instances from master
Product-Group=junos
In the dual Routing Engine scenario, the backup Routing Engine does not sync up the configuration change while deleting an inactivated interface/routing-instances from the master. So after the operation, the inactivated interface/routing-instances still exists on the backup Routing Engine.
1284271 The error message of jlaunchd might be seen during system reboot or RE switchover
Product-Group=junos
With 16.2R1, 16.1R4 releases or above, the error message about jlaunchd, "jlaunchd: %AUTH-1: commit-batch is thrashing, not restarted", might be seen after the system reboot or RE switchover.
PR Number Synopsis Category: VMHOST platforms software
1349373 FPCs may reboot continuously until the Routing Engine reboot
Product-Group=junos
On a next-generation Routing Engine (NG-RE), a failure of the Hardware Random Number Generator (HWRNG) will leave the system in a state where there is not enough entropy available to operate. Please refer to TSB17734(http://kb.juniper.net/InfoCenter/index?page=content&id=TSB17734) for more details.
 
Modification History:
2020-09-18 Update to include a warning about PFE memory leaks when using IRB with VPLS/Bridge-domain
2020-08-31 First Publication
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search