Search our Knowledge Base sites to find answers to your questions.
Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles17.3R3-S9: Software Release Notification for JUNOS Software Version 17.3R3-S9
Warning: With VPLS/Bridge-Domain environment, an MX/EX9200 Series router with Trio-based MPCs running software version 17.3R3-S9. The MPCs may experience NH memory leak in the PFEs when using integrated routing and bridging (IRB) interface participating in the VPLS/Bridge-domain instance.
Junos Software service Release version 17.3R3-S9 is now available.
| PR Number | Synopsis | Category: EX4300 PFE |
|---|---|---|
| 1456879 | The traffic for some VLANs might not be forwarded when vlan-id-list is configured Product-Group=junos |
On EX4300 Series switches, if the vlan-id-list is used on one interface, the traffic for some VLANs under the vlan-id-list might not be forwarded. |
| 1493212 | IPv6 neighbor solicitation packets might be dropped in a transit device. Product-Group=junos |
In EX4300 platform with a Layer 2 scenario, IPv6 neighbor solicitation (NS) packets transiting an EX switch might be dropped if there is a firewall filter matching "next-header icmpv6" then "policer xxx with discard action" configured under a loopback interface. That will cause the IPv6 communication going through the EX switch to fail (IPv4 works fine). |
| PR Number | Synopsis | Category: EX4300 Platform |
| 1502726 | On the EX4300 device, traffic loss might be seen with framing errors or runts if MACsec is configured. Product-Group=junos |
On EX4300 platform with Media Access Control Security (MACsec) configured, if there is high traffic flowing through the MACsec enabled link, increasing framing errors or runts statistics might be seen in the output of "show interfaces extensive <>" for the affected interface. Traffic loss might also happen due to this issue. |
| PR Number | Synopsis | Category: QFX Access control list |
| 1499918 | Traffic drop might be observed after modifying the FBF firewall filter. Product-Group=junos |
On QFX5000 Series platforms, after making changes in filter-based forwarding (FBF) firewall filter that is configured with multiple terms or different routing instances, traffic drop might be observed. |
| PR Number | Synopsis | Category: QFX PFE CoS |
| 1510365 | Traffic might be forwarded to the wrong queue when a fixed classifier is used. Product-Group=junos |
If L2 access or vlan bridge IFL is created after fixed classifier is applied, the traffic matching the fixed classifier might be forwarded in unexpected queue, it might cause congestion unexpectedly hence there is traffic impact. |
| PR Number | Synopsis | Category: QFX PFE L2 |
| 1467466 | On the QFX5000 line of switches, few MAC addresses might be missing from the MAC table in the software. Product-Group=junos |
On QFX5k platform, if Packet Forwarding Engine process is restarted manually or device reboot occurs, some MAC address(es) might not be seen on software MAC table but MAC address will be present in hardware table. |
| PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
| 1432023 | The fxpc core might be seen during the reboot of device on QFX5100/EX4600 switches Product-Group=junos |
On QFX5100 and EX4600 switches, due to Bad Chip ID, an fxpc core filecan be seen during the device reboot. This is due to a transient error related to a chip where vendor tries to get the chip ID and it results in improper info. |
| PR Number | Synopsis | Category: JUNOS kernel/ukernel changes for ACX |
| 1481151 | Memory utilization enhancement on ACX platforms Product-Group=junos |
RPD memory chunk size is optimized for ACX platform to reduce the memory foot print. |
| 1482598 | ACX AUTHD process memory usage enhancement Product-Group=junos |
The overall memory utilization corresponding to AUTHD process on a system without this fix would be around 15 percent. |
| 1506938 | PIC slot may be shut down less than 240 seconds due to the over-temperature start time is handled incorrectly Product-Group=junos |
On ACX1000/2000/4000 platforms, if the temperature in a PIC reaches above over the temperature threshold, the timer is started and the over-temperature start time is stored. If this condition persists for 240 seconds, the PIC slot would be shut down. If the temperature drops before 240 seconds, the timer is stopped and the over-temperature start time is made to zero. But in some cases, when the temperature drops before 240 seconds, the over-temperature start time is not made to zero but stored. In this case, if the same PIC reaches above over the temperature threshold again, the PIC might be shut down before 240 seconds as the 240 seconds delay are not calculated from this event but from the last. |
| PR Number | Synopsis | Category: MPC Fusion SW |
| 1463859 | The MPC2E-NG or MPC3E-NG card with specific MIC might crash after a high rate of interface flaps. Product-Group=junos |
If any MIC of type MIC-3D-2XGE-XFP / MIC-3D-4XGE-XFP / MIC-3D-20GE-SFP-E / MIC-3D-20GE-SFP-EH / MIC-MACSEC-20GE is installed in MPC2E-NG/MPC3E-NG card, the Microkernel (uKern) might hog for CPU on Packet Forwarding Engine (PFE) when there is a high rate of interface flaps (~30/40 flaps per second). This will eventually trigger the MPC2E-NG/MPC3E-NG card crash with an NGMPC core file. Normally the excessive interface flapping won't happen frequently in the real-world and it may be caused due to the external environment. This fix will reduce the impact and prevent the uKern hog when having such conditions. The fix for this issue causes a regression as documented in TSB17782 and PR1508794 which affects interfaces with "WAN-PHY" framing. |
| PR Number | Synopsis | Category: Bi Directional Forwarding Detection (BFD) |
| 1448649 | Junos OS BFD sessions with authentication flaps occurs after sometime Product-Group=junos |
In the scenario where BFD session authentication is configured, after a certain period of time, BFD sessions flaps may be seen, this will cause the neighbor to be down. |
| PR Number | Synopsis | Category: Border Gateway Protocol |
| 1437108 | Wrong next hop might be seen when BGP PIC edge is enabled. Product-Group=junos |
On all Junos releases before 19.1R1, when BGP PIC Edge is enabled, the incorrect next-hop might be assigned through BGP update, which will result in the following: 1. The next-hop advertised through BGP can be incorrect. 2. ECMP paths can get replaced with a PIC backup when the egress interface is same for the ECMP paths. |
| 1492743 | The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes. Product-Group=junos |
If the user only sets protocols bgp local-as <> without configuring routing-options autonomous-system <> or having a different autonomous-system number than local-as, the iBGP Route-Reflector (RR) will treat the route-target (RT) routes from iBGP neighbor PEs as an external prefix, and by default, the external peer number is limited to one for a given Route Target, in this case, the Route-Reflector might not reflect L2VPN and L3VPN prefixes to some iBGP clients advertised the same RT prefixes. |
| PR Number | Synopsis | Category: MX Platform SW - UI management |
| 1498538 | SNMP polling does not show correct PSM jnxOperatingState when one of the PSM Inputs failed Product-Group=junos |
SNMP polling does not show correct PSM jnxOperatingState when one of the PSM Inputs failed or not exists |
| PR Number | Synopsis | Category: QFX Access Control related |
| 1515972 | "dot1x" memory leak Product-Group=junos |
Memory leak is seen in 'dot1xd' daemon when no 'dot1x' is configured. Memory leak is seen for the allocation while creating socket from 'dot1xd' daemon to 'authd' daemon. If 'authd' is not running , 'dot1xd' daemon tries to connect to 'authd' periodically and every time it was allocating memory for string "/var/run/authd_control" for socket creation. The memory does not free in this scenario and we see memory leak for string "/var/run/authd_control". There will be no service impact to other services/daemons other than dot1x. |
| PR Number | Synopsis | Category: EVPN control plane issues |
| 1394803 | The process rpd crash may be observed with EVPN type-3 route churn Product-Group=junos |
In an EVPN scenario, rpd may crash with EVPN type-3 route churn due to a race condition (Incorrect sequence of allocating and freeing memory for processing the updates between BGP and EVPN). |
| 1438227 | Configuring ESI on a single-homed 25-Gigabit Ethernet port might not work. Product-Group=junos |
In an EVPN scenario, if the 25G interface of Leaf node is configured with an Ethernet Segment Identifier (ESI), and it actually only has a single-homed to reach its peer, that might cause the packets to the peer to be discarded. |
| PR Number | Synopsis | Category: EVPN Layer-2 Forwarding |
| 1498023 | The l2ald memory leakage might be observed in any EVPN scenario. Product-Group=junos |
In any EVPN scenario (for example, active-active multi-homing mode, active-standby multi-homing mode, EVPN-VXLAN, or EVPN-MPLS), the l2ald memory might slowly come up when the local CE device or core face interfaces continuously flap. If the memory of l2ald is exhausted, it causes the l2ald to crash. |
| 1520078 | Unable to create a new VTEP interface Product-Group=junos |
In all platforms with VXLAN Static VTEP tunnels scenario (including Static VXLAN without EVPN), after RE switchover or restart of l2-learning, if create a new VTEP interface, the interface may not work. |
| PR Number | Synopsis | Category: Kernel software for AE/AS/Container |
| 1425211 | Interface with FEC disabled might flap after Routing Engine mastership switchover. Product-Group=junos |
By default, RS-FEC (Reed-Solomon Forward Error Correction) is enabled for 100G SR4/PSM4 optics and disabled for 100G LR4 optics. The "set interfaces xx gigether-options fec" knob was introduced in Junos OS Release 16.1R1, it can be used to override the default behavior and explicitly enable/disable FEC for a 100G interface. In GRES scenario, when a 100G interface with SR4/PSM4 optics (e.g. QSFP-100GBASE-SR4/QSFP-100G-PSM4) is a member of an AE interface, and FEC is disabled on AE (knob "gigether-options fec none" is configured), the interface might flap during RE mastership switchover. After that, the interface will come up itself and this issue will recover automatically. |
| PR Number | Synopsis | Category: Layer 2 Circuit issues |
| 1511783 | The rpd might crash after removing the last interface configured under the l2circuit neighbor Product-Group=junos |
On all Junos platforms, rpd crash may be observed after removing the last interface configured under the l2circuit neighbor which is in fact active. |
| 1512834 | The rpd might crash when deleting l2circuit configuration in a specific sequence Product-Group=junos |
If l2circuit local-switching is enabled with connection-protection, the rpd could crash in the following configuration change sequence. 1. First, delete the logical interface (IFL) used by a l2circuit and commit the change. 2. Then, delete the corresponding l2circuit configuration. The rpd could crash after committing the change. |
| PR Number | Synopsis | Category: Layer 2 Control Module |
| 1505710 | The l2cpd crash might be seen if the ERP configuration is added or removed, and l2cpd is restarted. Product-Group=junos |
Core files are generated if you add or delete ERP configuration multiple times and restarted l2cpd or rebooted the box. If this issue is happened, l2cpd does not recover again and generates core file continuously. |
| PR Number | Synopsis | Category: Layer2 forwarding on EX/NTF/PTX/QFX |
| 1512802 | Memory leak on l2ald might be seen when adding/deleting the routing-instances/bridge-domains configuration Product-Group=junos |
Memory leak on l2ald might be seen when adding/deleting the routing-instances/bridge-domains configuration. |
| PR Number | Synopsis | Category: Label Distribution Protocol |
| 1517667 | SNMP Trap is sent with incorrect OID jnxSpSvcSetZoneEntered Product-Group=junos |
SNMP trap is sent with incorrect OID(jnxSpSvcSetZoneEntered) while sending trap for mplsMldpFecUp |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1445024 | An rpd memory leak might be seen when the interdomain RSVP LSP is in the down state. Product-Group=junos |
In interdomain RSVP label-switched path (LSP) scenario, an rpd memory leak might be seen when the Constrained Shortest Path First (CSPF) tries to recompute the path for the "down" LSP that is due to no route or ERO is incorrectly configured. The issue might lead to rpd crash when the rpd is out of memory and results in traffic loss. |
| PR Number | Synopsis | Category: Bugs related to ethernet interface on MX platform |
| 1435221 | MicroBFD 3x100ms flap is seen upon inserting a QSFP in another port. Product-Group=junos |
Micro BFD/LFMD sessions with timer configured with less than 3x500ms (such as 3x100ms) might flap when a QSFP transceiver is inserted into another port. |
| PR Number | Synopsis | Category: MX104 Software - Chassis Daemon |
| 1453893 | FPC/PFE crash may happen with ATM MIC installed in the FPC Product-Group=junos |
FPC crash on MX240 and MX2020 routers or Packet Forwarding Engine crash on MX104 routers might happen when the MIC-3D-8OC3-2OC12-ATM is installed and ATM interface is configured. |
| PR Number | Synopsis | Category: Kernel Stats Infrastructure |
| 1411303 | SNMP OID IFOutDiscards not updated when drops increasing Product-Group=junos |
When interface drop happens on interface, the SNMP OID IfOutDiscars might not be updated until a new "show interface extensive" cli command issued. |
| 1462986 | Slow Response from SNMP might be observed after an upgrade to Junos OS Release 19.2R1. Product-Group=junos |
Slow response introduced with PR/1411303 fix, is getting resolved with this PR. |
| 1508442 | SNMP poling may return unexpectedly high value of ifHCOutOctets counter for physical interface when any jnxDom OID is processed at the same time Product-Group=junos |
When actual transmitted load is configured for interface as: set interfaces interface-transmit-statistics And ifHCOutOctets OID is polling together with any jnxDom OIDs for the same interface with time interval between pollings equal or less then one second, the resulted value of ifHCOutOctets may be unexpectedly high |
| PR Number | Synopsis | Category: OSPF routing protocol |
| 1489637 | The rpd crashes when reset OSPF neighbours Product-Group=junos |
On all Junos platforms, if more than one million routes are installed into Open Shortest Path First (OSPF) routing table, also, either Nonstop Active Routing (NSR) or Graceful Routing Engine Switchover (GRES) with warm standby is enabled, rpd might crash on backup routing engine (RE) when OSPF neighbors are reset. This is a scaled issue. This issue could be recovered after rpd on backup RE self-restart. |
| PR Number | Synopsis | Category: Used for tracking OVSDB software issues and features |
| 1518807 | The vgd core might get generated when OVSDB server resarts Product-Group=junos |
On all Junos platforms that support OVSDB (Open vSwitch database), the vgd core might get generated when the OVSDB server is restarted. The vgd daemon restart after the core might cause traffic impact. This issue happens when OVSDB server is disconnected and the device (switch/router) sends some updates events to server. |
| PR Number | Synopsis | Category: Path computation client daemon |
| 1472825 | Manually configured ERO on NS controller lost when PCEP session bounced Product-Group=junos |
On all Junos platform with Path Computation Element Protocol (PCEP) enabled, if PCEP session bounced druing Routing Engine (RE) switchover on a LSP ingress router, unexpacted delete message might be sent from Path Computation Client (PCC) to Path Computation Element (PCE) with North Star (NS) controller. In the end, manually configured explicit route object (ERO) for RSVP-TE based label switched path (LSP) on NS controller will be lost. However, traffic go through ERO set on NS controller is still normal. |
| PR Number | Synopsis | Category: PPPoE functional plugin for bbe-smgd |
| 1479099 | PPPoE subscribers might not all login after FPC restart Product-Group=junos |
On MX platforms with PPPoE subscriber scenario, the system may not allow all subscribers to login after FPC restart. |
| PR Number | Synopsis | Category: PTP related issues. |
| 1451950 | RMPC core files are found after the configuration changes are done on the network for PTP or clock synchronization. Product-Group=junos |
On the ACX/MX/QFX platform with PTP (Precision Time Protocol)/SyncE (Synchronous Ethernet) enabled, if configuration changes for the PTP/SyncE are combined with multiple events, the FPC core might be seen. |
| PR Number | Synopsis | Category: Interface related issues. Port up/down, stats, CMLC , serdes |
| 1465302 | The physical interface of aggregated Ethernet might take time to come up after disabling or enabling the interface Product-Group=junos |
On Junos platforms, the physical interface of AE might come up after a long delay (4 mins) if there are millions of bgp routes learnt on the device. This delay is happening because PFE Manager thread is busy processing the routing updates from RE. These routing updates are the result of AE interface going down at the first step of disabling the interface. |
| PR Number | Synopsis | Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous) |
| 1387098 | Traffic loss may be observed due to switch modular failure on CB Product-Group=junos |
On QFX10008/QFX10016/PTX10008/PTX100016 platforms, traffic loss might be observed because of switch modular failure on the Control Board (CB). This failure further causes all SIBs to be marked as faulty and causes FPCs to restart until Routing Engine switchover occurs. |
| PR Number | Synopsis | Category: QFX PFE Class of Services |
| 1472771 | On the EX4600 device, DSCP marking might not work as expected if the fixed classifiers are applied to interfaces. Product-Group=junos |
On QFX5000/EX4600 platforms, if the interfaces are configured with the fixed classifiers, when some specific configuration changes are committed, for example, the same forwarding-class is applied to two different interfaces at the same time, and then the forwarding-class for one of the interfaces is changed and committed to a different value, the Differentiated Services code point (DSCP) marking might not be able to work as expected since both physical interfaces are still having the same forwarding-class mapped in the hardware table due to this issue. |
| PR Number | Synopsis | Category: QFX L2 PFE |
| 1504354 | LLDP is not acquired when native-vlan-id and tagged VLAN-ID are the same on a port. Product-Group=junos |
On QFX5000 platforms running with Link Layer Discovery Protocol (LLDP) configured, if the interface has both native-vlan-id and vlan-id configured, and the native-vlan-id and vlan-id have the same value, LLDP neighborship might be unable to setup on that particular interface due to this issue. |
| PR Number | Synopsis | Category: QFX EVPN / VxLAN |
| 1463939 | JDI-RCT : QFX 5100 VC/VCF : Observing Error BRCM-VIRTUAL,brcm_vxlan_walk_svp(),6916:Failed to find L2-iff for ifl: while cleanup Evpan-VxLAN configs with Mini-PDT base configurations Product-Group=junos |
On QFX5100, Error BRCM-VIRTUAL,brcm_vxlan_walk_svp(),6916:Failed to find L2-iff for ifl: may come while cleanup Evpn-VxLAN configs. These are harmless messages. |
| PR Number | Synopsis | Category: RPD route tables, resolver, routing instances, static routes |
| 1415077 | Dynamic routing protocol flapping with VM host Routing Engine switchover on NG-RE. Product-Group=junos |
In NG-RE dual RE platform, some commands for RE switchover might lead process rpd to go down/up, due to a delay that makes the process chassisd fail to update its status of mastership promptly. As the mastership status the chassisd governs determines which action the process rpd needs to take the next, if RE is rebooted and the chassisd mastership state is RE-Master then, in that case, rpd clears all the kernel states; and if chassisd mastership state for that RE is RE-Backup, then rpd just quits silently and restarts again in backup mode without any kernel states being cleaned. So that rpd cleanup of kernel states causes this issue. |
| 1507638 | On all JUNOS dual-RE GRES/NSR enabled routers, RPD might crash on a new master RE (Routing Engine) if RE switchover happened right after massive routing-instances deletion Product-Group=junos |
If GRES and NSR are enabled at a dual-RE router and if RE switchover happens (either manually or due to some other reasons) right after deleting a big number of routing instances, then RPD at a new master RE could crash once. Once a new master RPD crashed, it will restart by itself. |
| PR Number | Synopsis | Category: Resource Reservation Protocol |
| 1505834 | The rpd process might crash with RSVP configured in a rare timing case Product-Group=junos |
On all Junos platforms running with the Resource Reservation Protocol (RSVP) configured, when some socket error happens, RSVP might be unable to send messages. However, the counter for sent messages has already been increased due to the software design defect. The wrong counter might lead to the rpd process crash. It's a rare timing issue that might be more likely to happen in a scaled scenario. |
| PR Number | Synopsis | Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP) |
| 1405917 | The FPC crash might be observed in MS-MPC HA environment Product-Group=junos |
On MX Series platform with MS-MPC card used, in race condition, if the MS-MPC is used on HA (High Availability) scenario ( the 'set interfaces ms-x/x/x redundancy-options redundancy-peer/redundancy-local' knob and GRES is configured), the FPC might crash due to the bus error (segmentation fault). The reason is that two CPUs simultaneously access the same session-extension memory in the session structure, one for writing, the other for reading. A reading CPU gets an incorrect value and uses that as the memory address. This causes the bus error (segmentation fault). |
| 1489942 | Prolonged flow-control might happen on MX platforms with MS-MPC/MS-MIC Product-Group=junos |
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled. |
| PR Number | Synopsis | Category: MX10002 RCB/LC Diagnostics defects |
| 1405787 | Some error messages (about Voltage read failed) might be seen on MX10K platforms Product-Group=junos |
On MX10003 and an MX10008 platforms, some error messages (about Voltage read failed) might be seen. The reason is that its internal i2c bus may experience congestion. Thus the software may not be able to communicate on the first try. This PR optimizes the retry logic and its reporting. |
| PR Number | Synopsis | Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch |
| 1401808 | FPC core files due to a corner case scenario (race condition between RPF, IP flow). Product-Group=junos |
In a subscriber management deployment where the Reverse-Path-Forwarding (RPF) check and MAC check is enabled, a race condition might cause software failure and resulted in a Flexible PIC Concentrator (FPC) to restart. |
| PR Number | Synopsis | Category: Trio pfe bridging, learning, stp, oam, irb software |
| 1451559 | In EVPN-VXLAN scenario, sometimes host-generated packets gets dropped as hitting reject route in Packet Forwarding Engine. Product-Group=junos |
The host generated packets might be dropped in the EVPN/VXLAN scenario due to hitting the "reject route" policy in PFE. |
| PR Number | Synopsis | Category: Trio pfe microcode software |
| 1409626 | On all the EX9200 line of switches, MX Series routers, and T4000, LACP DDoS policer is incorrectly triggered by other protocols traffic. Product-Group=junos |
DDOS policer for LLDP/MVRP/Provider MVRP/dot1X is incorrectly identified as LACP DDOS violation on the EX9200 line of switches, MX Series routers, and T4000 devices. This issue can appear whenever there is an overflow of traffic from any of these protocols that triggers DDOS for LACP rather than the actual protocol. |
| PR Number | Synopsis | Category: UI Infrastructure - mgd, DAX API, DDL/ODL |
| 1455667 | The SmiHelperd process is not initialized in the Junos OS PPC Releases. Product-Group=junos |
After Software Upgrade, SNMP MIB Walk does not Poll/Fetch any Information |
| PR Number | Synopsis | Category: V44 Satellite Device Infra |
| 1466324 | Temperature sensor alarm is seen on EX4300 in Junos Fusion scenario. Product-Group=junosvae |
In Junos Fusion scenario with EX4300 acting as SD, the temperature sensor alarms and logs might be seen as a result of the incorrect temperature reading of about 2-3 degrees lower than the expected. There is no CLI command to clear the alarm and logs. |
| PR Number | Synopsis | Category: V44 Aggregation Device Platforms |
| 1490101 | The stats of extended ports on satellite device cluster might show wrong values from the aggregation device Product-Group=junos |
In Junos Fusion with satellite device cluster and single aggregation device (AD) deployment, if a satellite device (SD) in the cluster is not directly connected to the AD, the physical interface (IFD) stats of the extended ports on this SD cannot be shown correctly from AD. It is a display issue and does not affect function. |
| PR Number | Synopsis | Category: Virtual Router Redundancy Protocol |
| 1506747 | Unexpected dual VRRP backup state might happen after performing two subsequent RE switchovers with 'track priority-hold-time' configured Product-Group=junos |
On all Junos platforms with dual REs installed, if 'track priority-hold-time' and 'track interface' are enabled in the same VRRP groups, after performing the second RE switchover in a shorter time than the group 'track priority-hold-time' configured timer after the first RE switchover, it may cause unexpected dual VRRP backup state followed by VRRP master re-election, and the traffic forwarded over VRRP VIP could be affected during this time. |
| PR Number | Synopsis | Category: Software build tools (packaging, makefiles, et. al.) |
|---|---|---|
| 1464570 | mspmand core can be generated at bootup Product-Group=junos |
An mspmand core can be generated when the MS-MPC is booting. This has been mainly seen during an upgrade. The card will reboot and continue with normal operation without manual intervention. |
| PR Number | Synopsis | Category: EX9200 Platform |
| 1448368 | On the EX9214 device, the following error message are observed after reboot and MACsec-enabled link flaps: errorlib_set_error_log(): err_id(-1718026239). Product-Group=junos |
On the EX9214 device, if the MACsec-enabled link flaps after reboot, the error "errorlib_set_error_log(): err_id(-1718026239)" is observed. |
| PR Number | Synopsis | Category: ACX MPLS |
| 1484233 | Incorrect TPID set in transit MPLS frames sent on tagged egress interface on ACX Product-Group=junos |
ACX1k/2k/4k before Junos release before 17.4R3-S2.4 , acting as PHP in a MPLS path, with vlan-id configured on core interfaces, TPID is set as unknown for transit MPLS packets. This issue is fixed in 17.4R3-S2.4. |
| 1512821 | On a ACX ring topo, after link connection flap between PHP node and Egress PE node, VRF traffic that should be PHP still go out with MPLS and VPN labels Product-Group=junos |
After link connection flap between the PHP node and the egress PE node, the VRF traffic which supposed to PHP and sent only with VPN label out to egress PE, would wrongly tagged with both MPLS label and VPN label. |
| PR Number | Synopsis | Category: MPC Fusion SW |
| 1508794 | A Regression issue introduced by PR1463859 causing WAN-PHY interface continuously flaps with default hold-time down of 0 Product-Group=junos |
PR1463859 introduces a software defect that causes a 10GE interface to flap continuously when configuring with the WAN-PHY framing with the default "hold-down" timer (0). Once upgrading a router to an affected software release, the interface may flap continuously. This is not applicable to an interface with the default framing - LAN-PHY. |
| PR Number | Synopsis | Category: Border Gateway Protocol |
| 1403186 | All the BGP session flap after RE switchover Product-Group=junos |
With GRES and NSR enabled, if executing RE switchover, BGP session might flap in some scenario. When Junos version have the fix of PR-1440694, BGP session always flap after doing RE switchover. |
| 1447601 | On the MX2000 and PTX10000 lines of devices , Layer 3 VPN PE-CE link protection exhibits unexpected behavior. Product-Group=junos |
In L3VPN PE-CE link protection scenario with MX2K/PTX10K platforms, the external and internal BGP (EIBGP) multipath route might be advertised with an unexpected VPN label if IBGP backup path is present. When the backup IBGP path goes away, it will get the correct VPN label like other routes. |
| 1494005 | The rpd process generates core file at rt_nh_resolve_add_gen in ../../../../../../../../src/junos/usr.sbin/rpd/lib/rt/rt_resolve_ind.c: with the evpn-dhcp configurations. Product-Group=junos |
In BGP with INH (indirect next-hop) scenario, if using the knob "no-labeled-bgp" to disabled the chained composite next-hops for labeled BGP, the INH might not be created for the transit traffic route when devices handling transit traffic in the network. To create the INH again, it need to re-enable the chained composite next-hops for labeled BGP by removing the knob "no-labeled-bgp" or adding the knob "labeled-bgp", but the rpd resolver might not resolve the INH information as normal since the resolver is not getting ready, it might cause RDP crashed. Then, the routing protocol might be impacted. |
| PR Number | Synopsis | Category: BBE Remote Access Server |
| 1402653 | Authd reuses addresses too quickly before jdhcpd can completely clean up the old subscriber, which floods the error log; for example: jdhcpd: %USER-3-DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add 10.1.128.3 as it is already used by 1815. Product-Group=junos |
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login. |
| PR Number | Synopsis | Category: Virtual-chassis platform/chassisd infrastructure PRs for MX |
| 1428254 | syslog "scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments fru_send_msg Global FPC x" is observed after MXVC local or global switchover Product-Group=junos |
syslog "scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments fru_send_msg Global FPC x" is observed after MXVC local or global switchover. The syslog is harmless in this scenario. Junos containing the fix will suppress this type of message. |
| PR Number | Synopsis | Category: EA chips SW |
| 1407506 | When you use the inline J-Flow application, the FPC crashes and slows the convergence upon HMC fatal error condition. Product-Group=junos |
On MX Series platforms using MPC7E, MPC8E, MPC9E, MX10k-LC2101, or MX10003, when the inline J-Flow application is used, a fatal error on Hybrid Memory Cube (HMC) performs a "disable-pfe" action. Because J-Flow records are hosted on the HMC memory partition, reading and writing to the HMC memory might trigger FPC crash and high FPC CPU utilization, causing slow convergence (adding/deleting routes or next hops) for other Packet Forwarding Engines on the same FPC carrier. |
| PR Number | Synopsis | Category: EVPN control plane issues |
| 1506343 | Configuring the knob "proxy-macip-advertisement" for EVPN-MPLS leads to functionality breakage Product-Group=junos |
In EVPN-MPLS scenario, with "proxy-macip-advertisement" enabled on IRB, ARP for remote CE on local PE fails might be seen and forwarding-table entry always remains in hold state. The "proxy-macip-advertisement" enable the proxy advertisement feature on a device that can function as a Layer 3 gateway. With this feature enabled, the Layer 3 gateway advertises the MAC and IP routes (MAC+IP type 2 routes) on behalf of Layer 2 VXLAN gateways. |
| PR Number | Synopsis | Category: Express PFE L3 Features |
| 1385723 | The IPv6 packet might not be routed when IPv6 packet is encapsulated over IPv4 GRE tunnel on QFX10000.. Product-Group=junos |
On QFX10002/QFX10008/QFX10016 platforms, the IPv6 traffic might be dropped if the IPv6 over IPv4 Generic Routing Encapsulation (GRE) tunnel is configured because when an Interface family (IFF) member is removed on the Logical interface (IFL), the property of IFL to learn MAC is getting set to NULL which is causing ARP failure. |
| PR Number | Synopsis | Category: Express pfe Mclag |
| 1464409 | Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence Product-Group=junos |
Traffic does not forward across ICL when SFP is not inserted on a MC-LAG link with Enhanced convergence |
| PR Number | Synopsis | Category: Enhanced Broadband Edge support for firewall |
| 1512844 | Problem with dual stack PPPoE/DHCPv6 client connections at high scale using enhanced-policer with logical-interface-policer. Product-Group=junos |
Problem with dual stack PPPoE/DHCPv6 client connections at high scale using enhanced-policer with logical-interface-policer. FPC memory resources are exceeded when reaching high subscriber scale with combination of enhanced-policer and logical-interface-policer. |
| PR Number | Synopsis | Category: PTX Express ASIC platform |
| 1384435 | An enhancement of optimizing the report to the single bit error check Product-Group=junos |
Due to transient hardware condition, single-bit error (SBE) events are corrected and have no operational impact. Reporting of those events had been disabled to prevent alarms and possibly unnecessary hardware replacements. This change applies to all Platforms using Hybrid Memory Controller (HMC). |
| PR Number | Synopsis | Category: to track infrastructure replication bugs |
| 1489158 | Issue with accessing the Backup RE Management Interface (Em1) from external Network Product-Group=junos |
On QFX10k chassis-based models, it is an expected behavior that backup RE EM1 can't be accessed from external network as per the design. EM0 on backup routing engine works normal and can be accessed from external network. |
| PR Number | Synopsis | Category: Optical Transport Interface |
| 1349277 | In MX Series Virtual Chassis, flooding of the following error message can be seen with LACP-enabled aggregated Ethernet interfaces on MPC7, MPC8, and MPC9 cards: CHASSISD_CONFIG_ACCESS_ERROR: pic_parse_ifname: Check fpc rnage failed. The error message impacts only DWDM PICs, which does not effect the MPC7, MPC8, and MPC9 cards. Hence, this syslog message can be safely ignored. Product-Group=junos |
In MX Series Virtual Chassis, flooding of the following error message can be seen with LACP-enabled aggregated Ethernet interfaces on MPC7, MPC8, and MPC9 cards: CHASSISD_CONFIG_ACCESS_ERROR: pic_parse_ifname: Check fpc rnage failed. The error message impacts only DWDM PICs, which does not effect the MPC7, MPC8, and MPC9 cards. Hence, this syslog message can be safely ignored. |
| PR Number | Synopsis | Category: Key Management Daemon |
| 1421591 | IPsec tunnels flapping causes KMD memory leak Product-Group=junos |
KMD leaks memory when DEP (dynamic endpoints) or static IPsec tunnels are flapping or getting re-established. In a scaled scenario this eventually leads to KMD crash due to memory exhaustion. |
| PR Number | Synopsis | Category: Layer 2 VPN related issues |
| 1503282 | MPLS label manager could allow configuration of a duplicated VPLS static label Product-Group=junos |
On all JUNOS and all Junos EVO platforms, when configuring wrong static label-range or duplicated static labels for l2circuit or LDP-based VPLS, the instance will not be up. |
| PR Number | Synopsis | Category: Layer 2 Control Module |
| 1473610 | ERP might not come up properly when MSTP and ERP are enabled on the same interface. Product-Group=junos |
When both "Multiple Spanning Tree Protocol " (MSTP) and Ethernet Ring Protection Switching" ERPS are enabled on the same interface, then ERPS does not come up properly. |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1467278 | The rpd might crash in PCEP for the RSVP-TE scenario Product-Group=junos |
In PCEP (Path Computation Element Protocol) with RSVP Traffic Engineered LSP (TE LSP) scenario, the two LSPs with the same TE LSP name might be shared between Path Computation Element (PCE) and Path Computation Client (PCC) in some rare cases. Then, if the configuration of LSP is delegated from CLI and externally controlled by PCC at the same time, the rpd might be crashed. |
| PR Number | Synopsis | Category: MX104 Software - Chassis Daemon |
| 1103870 | High CPU usage and slow response might be seen when using "snmpbulkget" or "snmpbulkwalk" on MX104 platform.On the MX104 platform, when using snmpbulkget or snmpbulkwalk (for example, used by the SNMP server) on a chassisd-related component (for example, jnxOperatingEntry), chassis process (chassisd) high CPU usage and slow response might be seen because of a hardware limitation, which might also lead to a query timeout on the SNMP client. In addition, the issue might not be seen while using an SNMP query f Product-Group=junos |
On the MX104 platform, when using snmpbulkget or snmpbulkwalk (for example, used by the SNMP server) on a chassisd-related component (for example, jnxOperatingEntry), chassis process (chassisd) high CPU usage and slow response might be seen because of a hardware limitation, which might also lead to a query timeout on the SNMP client. In addition, the issue might not be seen while using an SNMP query for interface statistics. As a workaround, to avoid the issue, use either of the following approaches: Use snmpget or snmpwalk instead of snmpbulkget or snmpbulkwalk and include the -t 30 option when doing the SNMP query. For example, snmpget -v2c -c XX -t 30. Use the -t 30 option with snmpbulkget or snmpbulkwalk. For example, snmpbulkget -v2c -c XX -t 30. |
| PR Number | Synopsis | Category: Track Mt Rainier RE platform software issues |
| 1386306 | The log message of 'kernel: interrupt storm detected on "irq11:"; throttling interrupt source' might be seen when NG-RE is used Product-Group=junos |
With Next Generation Routing Engine (NG-RE), in some race conditions, the following interrupts messages might be seen on master RE: kernel: interrupt storm detected on "irq11:"; throttling interrupt source |
| PR Number | Synopsis | Category: FreeBSD Kernel Infrastructure |
| 1360444 | Error messages might be seen when the system boots up Product-Group=junos |
nfsd not running causing the core to fail to be written to the memory ms22 /etc/mount-re: Mounting 128.0.0.1:/var/tmp/pics on /var/re: mount_nfs failed/timed out Capture below to validate if you see the above logs. root@ms22% mount root@ms22% df -k |
| PR Number | Synopsis | Category: "ifstate" infrastructure |
| 1439906 | On all Junos OS VM based platforms, FPC might reboot if jlock hog occurs Product-Group=junos |
On a JUNOS VM using TSC clocking from the host system, "jlock hog" messages may be seen. This may lead to FPCs reboot. |
| PR Number | Synopsis | Category: Kernel MPLS / Tag / P2MP Infrastructure |
| 1515868 | kernel core can be seen when processing labelled packet Product-Group=junos |
When we have labelled packet punted to RE due to ttl expiry, During the processing of this packet, the mpls header is stripped off wrongly, because of which the subsequent code execution frees up the packet. When kernel tried to access this freed packet a vmcore can be seen. This is a rare occurrence and not every labelled packet punted to RE should see this crash. Two internal tracking PR's will address this problem, These PRs will - Correct the mpls header stripping logic - Correct the error handling, so that freed up memory buffers storing this packet aren't accessed. The fix for these went in to 17.3R3-S9 |
| PR Number | Synopsis | Category: PTP related issues. |
| 1458581 | The FPC X major errors alarm might be raised after committing the PTP configuration change. Product-Group=junos |
On MX router with MPC5/MPC6/MPC7/MPC8/MPC9/MPC10 installed environment, after committing the PTP configuration change, the "FPC X major errors" alarm may be raised. This issue may cause interface flap and traffic loss. |
| PR Number | Synopsis | Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous) |
| 1340053 | JDISwitchingReg-Interface flap seen as Dcpfe daemon getting restarted when we add pim/ospf/irb related configuration Product-Group=junos |
dcpfe will crash when multicast index is greater than 8191 due to array out of bound access. |
| PR Number | Synopsis | Category: Filters |
| 1455177 | A firewall filter might not be able to be applied in a particular VC/VCF member as TCAM space running out Product-Group=junos |
On QFX51/EX4300/EX4600 VC/VCF scenario with Vxlan used, when configuring a firewall filter and commit, the firewall filter might not be able to be applied in a particular VC/VCF member for TCAM space running out. |
| PR Number | Synopsis | Category: QFX L2 PFE |
| 1500825 | On the QFX5000 switches, ERPS might not work correctly. Product-Group=junos |
On QFX5k platforms, Ethernet ring protection switching (ERPS) might not work correctly due to ERPS instance programming failure in hardware which might cause loop in the network. |
| PR Number | Synopsis | Category: QFX VC Infrastructure |
| 1390226 | The memory usage of processes increases significantly between Junos OS Release 14.1X53-Dxx to Junos OS Release 17.x. Product-Group=junos |
In Junos OS, most daemons underwent architectural change in transition from Junos OS Release 14.1X53 to Junos OS Release 17.X (4 years) and many new features were added. These changes caused an increase in memory footprint in Junos OS Release 17.X compared to Junos OS Release 14.1X53. Unless we see system instability or any adverse performance impact, or a daemon crash due to low memory, this increased memory footprint should not be an issue, and functionality should work fine. The increased memory footprint is a Junos OS property not specific to QFX5K. |
| PR Number | Synopsis | Category: RPD Next-hop issues including indirect, CNH, and MCNH |
| 1242589 | In a BGP or MPLS scenario, changing events about the next hop interface MPLS family might cause the route to be in the Dead state Product-Group=junos |
In a BGP or MPLS scenario, if the next hop type of label route is indirect, then the following changing events about the next hop interface MPLS family might cause the route to be in the Dead state, and the route remains in that state even when the family MPLS is again activated: Deactivating and activating the interface family mpls. Deleting and adding back the interface family mpls. Changing maximum labels for the interface. When a labelled route is resolved over an interface, that interface must have family mpls configured for the route to be successfully resolved. Otherwise, the route does not get resolved. |
| PR Number | Synopsis | Category: Sangria Platform including chassisd, RE, CB, power managemen |
| 1091879 | FPC go down with "Button Press" message in the logs. Product-Group=junos |
Issue happened because of FPC has a bad membrane which is susceptible to fan speeds and can cause a button press event. To avoid this work-around has given as set cmd "set chassis fpc x button-events-disable" and even if interrupt happens FPC will not go offline. |
| PR Number | Synopsis | Category: MPC7/8/9 Interface Issues |
| 1441816 | Egress stream flush failure and traffic black hole might occur. Product-Group=junos |
Egress stream flush failure and silent dropping of traffic could occur in a rare occasion for a repeatedly flapping link on MPC7E, MPC8E, MPC9E cards, MX204 and MX10003. |
| PR Number | Synopsis | Category: Stout PF fabric (SFB2) |
| 1363587 | On the MX2010 and MX2020 routers equipped with SFB2, some error logs might be seen. Product-Group=junos |
On MX2010/MX2020 routers equipped with SFB2 (Switch Fabric Board 2), some error messages could be occasionally seen in the logs. There is no operational impact nor an indication of a real issue caused by these messages. |
| PR Number | Synopsis | Category: Trio pfe stateless firewall software |
| 1454257 | The MPC might drop packets after you enable the firewall fast lookup filter. Product-Group=junos |
On the MX routers with MPC2E-NG/MPC3E-NG/MPC5E/MPC6E/MPC7E/MPC8E/MPC9E installed, when the firewall FLT (fast lookup filter) configured on the interface which belongs to these type MPCs, due to the FLT memory parity error, it may cause that MPC to drop packets. |
| PR Number | Synopsis | Category: UI Infrastructure - mgd, DAX API, DDL/ODL |
| 991081 | The configuration change on Backup RE cannot be synchronized while deleting inactivated interfaces/routing-instances from master Product-Group=junos |
In the dual Routing Engine scenario, the backup Routing Engine does not sync up the configuration change while deleting an inactivated interface/routing-instances from the master. So after the operation, the inactivated interface/routing-instances still exists on the backup Routing Engine. |
| 1284271 | The error message of jlaunchd might be seen during system reboot or RE switchover Product-Group=junos |
With 16.2R1, 16.1R4 releases or above, the error message about jlaunchd, "jlaunchd: %AUTH-1: commit-batch is thrashing, not restarted", might be seen after the system reboot or RE switchover. |
| PR Number | Synopsis | Category: VMHOST platforms software |
| 1349373 | FPCs may reboot continuously until the Routing Engine reboot Product-Group=junos |
On a next-generation Routing Engine (NG-RE), a failure of the Hardware Random Number Generator (HWRNG) will leave the system in a state where there is not enough entropy available to operate. Please refer to TSB17734(http://kb.juniper.net/InfoCenter/index?page=content&id=TSB17734) for more details. |
Getting Up and Running with Junos
Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search