19.4R2-S2: Software Release Notification for JUNOS Software Version 19.4R2-S2



Article ID: TSB17891 TECHNICAL_BULLETINS Last Updated: 20 Oct 2020 Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
Alert Description:
Junos Software Service Release version 19.4R2-S2 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as needed and follow the prompts

Warning: In a VPLS/Bridge-Domain environment, on an MX/EX9200 Series router with Trio-based MPCs running this software version, the MPCs may experience an NH memory leak in the PFEs when an integrated routing and bridging (IRB) interface participates in the VPLS/Bridge-domain instance.

Junos Software service Release version 19.4R2-S2 is now available.

19.4R2-S2 - List of Fixed issues

PR Number Synopsis Category: EX driver issues
1515689 The IP communication between directly connected interfaces on EX4600 would fail
The IP communication between directly connected interfaces on EX4600 TVP platforms would fail. This issue might occur only in this special scenario, and it might have traffic/service impact.
PR Number Synopsis Category: NFX Layer 2 Features Software
1502700 MAC aging does not work on NFX platforms
The MAC address in MAC table of NFX250/350 platforms does not age out of the table. In some special scenarios the MAC table might be fully filled, and the traffic with new destination MAC would be all flooded. The performance of the device might be impacted.
PR Number Synopsis Category: QFX Access control list
1521763 Firewall "sample" configuration gives the warning as unsupported on QFX10002-36q and will not work.
On QFX10002-36q, when inline-jflow is configured, the IPv4 firewall filter with 'sample' action gives a warning "unsupported platform" and will not work. On the other hand, the IPv6 firewall filter with 'sample' action will still work as expected.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1509402 PFE crash might be seen and the FPC may remain down on ACX710 platform
On the ACX710 platform, after the PTP (Precision Time Protocol) configuration is removed and the router is rebooted, the PFE might crash and the FPC remains down if PTP traffic is still coming into the router. This issue might also happen when SyncE is configured. This causes the router to crash and not come up.
PR Number Synopsis Category: ACX GE, 10GE, PoE, IDT framers
1430009 The gigether-options command is enabled again under the interface hierarchy.
Both gigether-options and ether-options are supported on ACX5k. PR 1430009 was initially opened to remove gigether-options; that change has now been reverted. The revert is tracked in the same PR 1430009, and the latest fix for PR 1430009 adds gigether-options back.
PR Number Synopsis Category: Border Gateway Protocol
1483097 The BGP RPKI ROA withdrawal might lead to an unexpected BGP route flap.
Originally, when an RPKI RTR server or an RPKI Validator withdraws ROAs, they are marked as "stale" and then flushed when the garbage collection timer runs out. For a short period of time, this might result in incorrect validation status. If there is an egress BGP policy that suppresses routes with an RPKI status of invalid, the affected prefixes will be withdrawn and then, when the correct route validation status is reclaimed, re-advertised. With the fix, the withdrawn ROAs are deleted from the validation database immediately.
1514635 The rpd might report 100% CPU usage with BGP route damping enabled
If a BGP speaker is configured with damping and a peer is flapping, the deferred deleting in BGP might cause a high rpd CPU usage.
1517498 The rpd process might crash after deleting and then adding a BGP neighbor.
In BGP scenario on all Junos platforms, after deleting and re-adding a BGP neighbor, the rpd might crash due to a rare timing issue.
PR Number Synopsis Category: Device Configuration Daemon
1519334 Junos OS: Buffer overflow vulnerability in device control daemon (CVE-2020-1664)
A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. Refer to for more information.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for DNX
1537619 On ACX5448, PFE crash on vty command "show pfe ifd"
In the 19.4 release, when the "show pfe ifd" command is executed in the PFE, an FPC crash is observed on the ACX5448 platform. This issue is addressed in 19.4R2-S2.
PR Number Synopsis Category: Layer 3 forwarding, both v4+v6
1491261 VPLS flood groups result in IPv4 traffic drop after the core interface flaps.
VPLS flood groups result in IPv4 traffic drop after core interface flap.
1519372 The IPv6 neighbor state change causes Local Outlif to leak by two values, which leads to the following error: DNX_NH::dnx_nh_tag_ipv4_hw_install.
On ACX5448/ACX5448-D, PFE memory exhaustion is reported due to continuous IPv6 neighbor flaps.
PR Number Synopsis Category: DNX VPLS
1532995 Memory leak in Local OutLif in VPLS/CCC topology
In a VPLS/CCC topology with core link protection, when one of the core links flaps or the remote CE flaps, a "Local OutLif" leak happens.
  Local OutLif Total entries: 196608 Used entries: 33335 Lowest entry: 0(0x0) /*Initially when vpls is up */
  Local OutLif Total entries: 196608 Used entries: 33303 Lowest entry: 0(0x0) /*When VPLS is down*/
  Local OutLif Total entries: 196608 Used entries: 33337 Lowest entry: 0(0x0) /*When VPLS is up again*/
PR Number Synopsis Category: EVPN control plane issues
1530991 The rpd process might crash when auto-service-id is configured in the EVPN-VPWS scenario.
On all Junos platforms in an EVPN VPWS scenario, if auto-service-id is configured and the service IFL under the VPWS instance is down, an rpd crash might be seen when any changes are made to the configuration.
PR Number Synopsis Category: MX Inline Jflow
1500179 Inline JFlow might report wrong value for some fields in flow records after enabling nexthop-learning and route churn happens
When inline flow monitoring (inline JFlow) is configured with nexthop-learning enabled on a Trio-based line card, the Sampling Route Record Module (i.e. sampler-rr or SRR thread) on the PFE ukernel might miss some next-hop updates due to a race condition if route churn happens in a large-scale next-hop scenario (e.g. >50K next-hops) and the route churn results in multiple next-hop add/change/delete operations. As a result, JFlow might report wrong values for some fields in flow records for traffic forwarded using the next-hops missed in SRR.
PR Number Synopsis Category: Aggregated Sonet Interfaces
1472439 The sonet-options configuration statement is disabled for the xe interface that works in wan-phy mode.
On all MX platforms, the 'sonet-options' stanza cannot be configured on an xe interface working in wan-phy mode after Junos 19.4R1. This issue may cause a software upgrade to 19.4R1 or onwards to fail because configuration validation fails.
PR Number Synopsis Category: jdhcpd daemon
1511782 Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash (CVE-2020-1671)
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. Refer to for more information.
PR Number Synopsis Category: Addresses ALG issues found in JSF
1510678 The srxpfe or mspmand process might crash if FTPS is enabled in a specific scenario.
If FTPS service is enabled on an SRX/MX device where both source NAT and "ssl-proxy" are not configured, then the device may crash upon receiving FTPS traffic.
PR Number Synopsis Category: Addresses NAT/NATLIB issues found in JSF
1532249 Improve the max ENODE connections for one persistent NAT binding from 8 to 32
Improve the max ENODE connections for one persistent NAT binding from 8 to 32
PR Number Synopsis Category: Firewall Module
1521325 The TCP packet might be dropped if syn-proxy protection enabled
On SRX series devices, if TCP SYN flood protection is enabled with TCP SYN Proxy and the 3rd and 4th packet from the client arrive at the same time, then it can cause an SEQ error that may break the TCP connection.
PR Number Synopsis Category: Layer 2 VPN related issues
1503282 The MPLS label manager might allow configuration of a duplicated VPLS static label.
On all JUNOS and all Junos EVO platforms, when configuring wrong static label-range or duplicated static labels for l2circuit or LDP-based VPLS, the instance will not be up.
PR Number Synopsis Category: Layer 2 Circuit issues
1511783 The rpd process might crash after removing the last configured interface under the l2circuit neighbor.
On all Junos platforms, rpd crash may be observed after removing the last interface configured under the l2circuit neighbor which is in fact active.
1512834 The rpd process might crash when deleting the l2circuit configuration in a specific sequence.
If l2circuit local-switching is enabled with connection-protection, the rpd could crash in the following configuration change sequence:
  1. First, delete the logical interface (IFL) used by a l2circuit and commit the change.
  2. Then, delete the corresponding l2circuit configuration.
The rpd could crash after committing the change.
PR Number Synopsis Category: Multiprotocol Label Switching
1517018 The rpd process might crash after upgrading Junos OS Release 18.1 to a later release.
The rpd might continuously crash after upgrading pre Junos OS Release 18.1 to Junos OS Release 18.1 and later while graceful-restart and RSVP/static LSP are configured. This is because there is a change in the data structure written to the restart database file from Junos OS Release 18.1 and later. So, when rpd comes up and tries to read the restart database file written by pre Junos OS Release 18.1 image, the rpd might crash.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1511833 The kernel might crash causing the router or the Routing Engine to reboot when making virtual IP related change
On all Junos platforms with VRRP enabled, if any configuration that involves the virtual IP is deleted and added in the same commit, the kernel might crash. When this happens, the system or the RE will reboot.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1518898 The kernel might crash if a file/directory is accessed for the first time and is not created locally
On Junos with Virtual Filesystem (VirtFS), if a file/directory is accessed for the first time and is not created locally, the kernel might crash and generate a vmcore file. Junos might reboot due to this issue.
1537696 Errors seen when dumping vmcore on EX-3400 series
EX3400 and EX2300 hang while trying to generate core files.
PR Number Synopsis Category: vMX Platform Infrastructure related issue tracking
1493805 Viewing a large file from vFPC console may hog the console.
Viewing a large file from vFPC console using "cat" application may hog the console.
PR Number Synopsis Category: PTP related issues.
1527612 The transit PTP packet might be unexpectedly modified when passing through MPC2E-NG/MPC3E-NG/MPC5E
If timestamping the packet at the physical layer (also known as PHY timestamping) is enabled for Precision Time Protocol (PTP), the transit PTP packets passing through the MPC2E-NG/MPC3E-NG/MPC5E might be modified to have a huge value in the Correction Field of the PTP packet even though there is no PTP port configured on these line cards. If the transit PTP packets are used for synchronizing a downstream node, clock frequency drift could be seen. The current fix in this PR is only applicable for the G.8275.1 PTP profile.
PR Number Synopsis Category: QFX platform optics related issues
1504630 "Media type" in show interface command is displayed as "Fiber" for SFP-10G-T
On QFX series, "Media type" in show interface command is displayed as "Fiber" for SFP-10G-T
PR Number Synopsis Category: QFX VC Infrastructure
1497563 Virtual Chassis is not stable with 100-Gigabit Ethernet and 40-Gigabit Ethernet interfaces.
On the QFX5110 platform in a Virtual Chassis (VC) scenario, the VC might not get formed and traffic loss can occur if the 100G VCP ports are deleted and created, or changed from 40G to 100G or vice-versa. The reason is that Forward Error Correction (FEC) should not be enabled when the physical interface is working as a VCP port.
PR Number Synopsis Category: RPM and TWAMP
1533025 There is a TWAMP interoperability issue between Junos OS releases.
PR 1434740 (which is fixed in 19.1R2, 19.2R1-S4, 19.2R2, and 19.3R1) corrected a timeout format in Two-Way Active Management Protocol (TWAMP) to comply with RFC 5357. However, it causes a TWAMP interoperability issue between Junos releases with and without the fix for PR 1434740. If a Junos release without PR 1434740 is used on the TWAMP client and a Junos release with PR 1434740 is used on the TWAMP server, only the first TWAMP test iteration runs; after that, the TWAMP server will terminate both the TWAMP control connection and the TWAMP test sessions because the timeout condition is not triggered by the TWAMP server due to the timeout counter having an invalid value (i.e. a negative value). If the TWAMP client does not support the TWAMP Auto-Restart feature (supported from Junos 19.1R1), the TWAMP client has to start the TWAMP control connection once again using the "request services rpm twamp start client" command, irrespective of the test-count value. This PR fix resolves this TWAMP interoperability issue.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1489942 Prolonged flow control might occur with MS-MPC or MS-MIC.
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled.
PR Number Synopsis Category: SRX-1RU platform related protocol, QoS, filtering features et
1515046 VRRP does not work on the reth interface with a VLAN ID greater than 1023.
When a redundant Ethernet (reth) interface has vlan-tagging configured and is part of a VRRP group, the SRX/vSRX is unable to allocate the VIP to the reth interface if the vlan-id configured is greater than 1023. As a result, VRRP does not work.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1529602 In the subscriber management environment, the RADIUS interim accounting records do not get populated with the subscriber statistics.
In a subscriber management environment, RADIUS interim accounting records are not populated with the subscriber statistics after system reboot. In this case, the MAC of the routing engine is not learned by the nextgen-stats manager on the PFE. Use the following command to verify the problem.
  request pfe execute target fpc0 command "show nextgen-stats manager"
  Nextgen Manager microcode stats:
  ==================================
  Interim stats push from ASIC supported : Yes
  Is ucode running : Yes
  configured values:
  gen num : 17
  interval slow : 300000 ms
  interval fast : 60000 ms
  callout period : 1 ms
  vlan_re0 : 0
  vlan_re1 : 2
  ip re0 : 0x80000001
  ip re1 : 0x80000006
  mac re0 : 0x000000000000 <-----------not programmed
  mac re1 : 0x020100000005 <----------- programmed
  src ip : 0x8000001b
  version : 0
  member id : 0
PR Number Synopsis Category: Trio pfe qos software
1523881 Configured scheduler-map is not applied on ms- interface if the service PIC is in the Offline state during commit
On MX platforms with MS-MPC/MS-MIC card installed, when configuring Class of Service (CoS) scheduler-map on ms- interface, if the corresponding service PIC is in offline state at the moment of configuration commit, the configured scheduler-map will not get applied to the ms- interface after the PIC is brought online.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1494594 Packets get dropped when next hop is IRB over an lt interface.
On MX series platforms, when a route's next-hop is an IRB interface with lt- as the underlying L2 interface, it is not getting programmed on PFE, resulting in packet drop.
PR Number Synopsis Category: VSRX platform software
1402028 Azure vSRX3.0:SSH public key authentication is NOT supported on deployment
On Microsoft Azure deployments, SSH public key authentication is not supported for vSRX 3.0 CLI and portal deployment.

19.4R2-S2 - List of Known issues

PR Number Synopsis Category: NFX Series Platform Software
1462556 Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669)
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to for more information.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1486632 On the QFX 5100-48T-6Q Virtual Chassis or Virtual Chassis fan, the following error message is observed while copying image to the Virtual Chassis fan member and trying to downgrade the image: rcp for member 14, failed.
On QFX 5100-48T-6Q VC/VCF, the error message "rcp for member 14, failed" is observed while copying the image to a VCF member when trying to downgrade the image.
1500508 On the QFX5100 Virtual Chassis or Virtual Chassis fan, traffic loss on multiple traffic streams is observed after reboot and the interfaces of the Virtual Chassis node flaps.
On QFX5100 VC/VCF, traffic loss is observed on multiple traffic streams after reboot and flapping the interfaces of the VC node.
1508133 Traffic loss occurs in the BGP streams while triggering GRES and reboot with the base configuration.
On QFX5100-VC, traffic loss is observed in BGP streams when triggering GRES and reboot with base configurations.
PR Number Synopsis Category: CoS support on ACX
1488935 The queue statistics are not as expected after configuring the physical interface and logical interface shaping with the transmit rate and scheduler-map.
On ACX platforms with shaping configured, after deactivating and activating CoS the shaping might not work and traffic drop would appear. Not fixed on 19.2R3-S1. Fixed in higher releases.
PR Number Synopsis Category: Argus Platform issues
1480217 On the ACX6360 router, the disk usage might keep increasing.
On PTX1000/ACX6360 Series platforms, the vmhost disk usage might keep increasing due to an incorrect sensor path.
PR Number Synopsis Category: build and packaging related PRs and features using WRL Yocto
1470217 The router might become nonresponsive and bring the traffic down when the disk space becomes full.
On the PTX10001/ACX6360 platforms, the unionfs filesystem may get full on vmhost because a mail package in the WRlinux 8 continues to write mail logs into the unionfs filesystem. This issue will cause the router to hang and bring traffic down.
PR Number Synopsis Category: Sflow on qfx10k/ptx series PRs for defect & enhancement req
1521732 Output interface index in SFLOW packet is zero when transit traffic is observed on the IRB interface with VRRP enabled
When VRRP is enabled on IRB interface and SFLOW is enabled on QFX10000 Series platforms, output interface Index in SFLOW packet will be zero for the traffic destined to VRRP MAC address.
PR Number Synopsis Category: IPSEC/IKE VPN
1517262 The flowd might crash in IPsec VPN scenario
On SRX platforms with IPsec VPN configured, the flowd might crash during the IPsec VPN rekey window. The traffic/service might be impacted if hitting this issue.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1505864 The installation fails when upgrading from legacy Junos to specific BSDx based Junos
The installation might fail when upgrading from legacy Junos (before Junos 15.1) to higher BSDx based Junos releases (Junos 15.1 and after).
PR Number Synopsis Category: RPD Interfaces related issues
1469873 With the BGP rib-sharding and update-threading, traffic drops 100 percent in the BGP Layer 3 VPN streams, post the removal or restoration configuration.
This issue is observed with a BGP rib-sharding and update-threading configuration that has SCALE VRFs when the steps below are performed:
  1. Delete all VRFs.
  2. Rollback or reconfigure the same VRFs immediately.
The issue can also be seen if the above steps are performed directly or indirectly, such as loading a configuration which doesn't have VRFs and rolling back immediately.
PR Number Synopsis Category: Web-Management UI
1513612 Installing J-Web application package may fail on the EX2300/EX3400 platforms
On the EX2300/EX3400 platforms, J-Web application package may fail to be installed with the affected releases.
PR Number Synopsis Category: Unified Services Framework
1529224 Non-impacting error message is seen in the message logs: IFP error> ../../../../../../../../../src/pfe/usp/control/applications/interface/ifp.c@3270:(errno=1000) tunnel session add failed.
SPC3 related 'IFP tunnel session add' messages in the logs.
Modification History:
First publication date 2020-10-20
