Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

17.4R2-S12: Software Release Notification for JUNOS Software Version 17.4R2-S12

0

0

Article ID: TSB17907 TECHNICAL_BULLETINS Last Updated: 09 Nov 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 17.4R2-S12 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 17.4R2-S12 is now available.

17.4R2-S12 - List of Fixed issues
PR Number Synopsis Category: EX2300/3400 PFE
1466423 The broadcast and multicast traffic might be dropped over IRB or LAG interface in QFX/EX VC scenario
Product-Group=junos
On QFX5000/EX2300/EX3400/EX4600 Virtual Chassis (VC) platforms, the broadcast and multicast traffic might get dropped over some of the Link Aggregation Group (LAG) or Integrated Routing and Bridging (IRB) interfaces. Due to this issue, all the routing protocols replying on broadcast/multicast traffic would not be able to setup neighbor sessions, for example, some of the Open Shortest Path First (OSPF) sessions might be stuck in "Init" state over LAG or IRB interfaces.
PR Number Synopsis Category: CoS support on ACX
1522941 The show class-of-service interface command does not show classifier information.
Product-Group=junos
This is a display issue. Due to misread in PFE registers, classifier is not shown in "show class-of-service interface" output
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1509402 PFE crash might be seen and the FPC may remain down on ACX710 platform
Product-Group=junos
On ACX710 platform, after the PTP(Precision Time Protocol) configuration is removed and the router is rebooted, the PFE might crash and the FPC remains down if PTP traffic is still coming into the router. This issue might also happen when SyncE is configured. This causes the router to crash and not come up.
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1516556 The remaining BFD sessions of the aggregated Ethernet interface flap continuously if one of the BFD sessions is deleted.
Product-Group=junos
On QFX10k platforms, if multiple sub-interfaces of the same AE (Aggregated Ethernet) interface are belonged to different routing instances, and these sub-interfaces are configured with the same IP address and configured with separate BFD (Bidirectional Forwarding Detection) sessions, the remaining BFD sessions will flap continuously if one of these BFD sessions is deleted.
PR Number Synopsis Category: Border Gateway Protocol
1483097 The BGP RPKI ROA withdrawal might lead to an unexpected BGP route flap.
Product-Group=junos
Originally, when an RPKI RTR server or an RPKI Validator withdraws ROAs they are marked as "stale" and then flushed when the garbage collection timer runs out. For the short period of time, this might result in incorrect validation status. If there's an egress BGP policy which suppresses routes with RPKI status of invalid, the affected prefixes will be withdrawn and then, when the correct route validation status is reclaimed, re-advertised. With the fix, the withdrawn ROAs are deleted from the validation database immediately.
PR Number Synopsis Category: Issues regarding Capella related OTN/Software.
1419204 RX alarms are not set as according to the threshold value configured for the DCO Tunable Optics.
Product-Group=junos
MDIO (Management data input/output) is a serial management interface for handling read/write access of the registers on the OTN CFP2. Due to a regression issue, MDIO returns command error for the write operation on the registers for the received optical power threshold. Hence the values for the received optical power threshold are not set correctly and the contents of the registers for received optical power thresholds are left to zero. Below syslog error messages are observed from the FPC ac200_dcfp2_cfp_write: MDIO command error, err status 8000, err addr b03c <<< ac200_dcfp2_cfp_write: MDIO command error, err status 8000, err addr b03d <<<
PR Number Synopsis Category: Device Configuration Daemon
1519334 Junos OS: Buffer overflow vulnerability in device control daemon (CVE-2020-1664)
Product-Group=junos
A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. Please refer to https://kb.juniper.net/JSA11061 for more information.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1420294 ARP entry and PFE programming is still pointing to incorrect VTEP after MAC route update conditions
Product-Group=junos
In EVPN/VXLAN scenario, Type 2 EVPN MAC route not updated properly in L2ALD and hence kernel and pfe has wrong programming.
1498023 The l2ald memory leakage might be observed in any EVPN scenario.
Product-Group=junos
In any EVPN scenario (for example, active-active multi-homing mode, active-standby multi-homing mode, EVPN-VXLAN, or EVPN-MPLS), the l2ald memory might slowly come up when the local CE device or core face interfaces continuously flap. If the memory of l2ald is exhausted, it causes the l2ald to crash.
PR Number Synopsis Category: Integrated Routing & Bridging (IRB) module
1484721 ARP entry may not be created in the EVPN-MPLS environment
Product-Group=junos
In the EVPN-MPLS environment, if a VLAN is created without having it in "protocols evpn extended-vlan-list", then adding it, the ARP entry may not be created on the device even it receives the ARP packets through the newly added VLAN.
PR Number Synopsis Category: jdhcpd daemon
1511782 Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash (CVE-2020-1671)
Product-Group=junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. Refer to https://kb.juniper.net/JSA11068 for more information.
PR Number Synopsis Category: Layer 2 Circuit issues
1511783 The rpd process might crash after removing the last configured interface under the l2circuit neighbor.
Product-Group=junos
On all Junos platforms, rpd crash may be observed after removing the last interface configured under the l2circuit neighbor which is in fact active.
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1381272 IRB interface does not turn down when master of Virtual Chassis is rebooted or halted.
Product-Group=junos
On Virtual Chassis (VC) based on EX4300/EX4600/EX9200/QFX3500/QFX3600/QFX5100, IRB interface which is associated with AE interfaces having member interfaces only from master chassis may not turn down when master chassis is rebooted or halted.
1512802 Memory leak on l2ald might be seen when adding or deleting the routing-instances or bridge-domains configuration.
Product-Group=junos
Memory leak on l2ald might be seen when adding/deleting the routing-instances/bridge-domains configuration.
PR Number Synopsis Category: L2TP service related issues
1472775 MX Series L2TP fails to forward the agentCircuitId and agentRemoteId AVP toward the LNS.
Product-Group=junos
MX L2tp LTS fails to forward the agentCircuitId and agentRemoteId AVP received from the LAC towards the LNS.
1532750 Destination lockout functionality does not work at the tunnel session level when CDN code is received.
Product-Group=junos
Destination should be lockout state when CDN received with proper error code. We have hidden knob to trigger destination in lockout state.
PR Number Synopsis Category: lacp protocol
1395943 After GRES switchover, LACP will be down on peer device and never been recovered automatically
Product-Group=junos
On VC series platforms, RE switchover will cause LACP down on peer device as the LACP does not sync between master and backup RE.
PR Number Synopsis Category: Label Distribution Protocol
1538124 The rpd process might crash when the LDP route with indirect next hop is deleted on the aggregated Ethernet interface.
Product-Group=junos
If the Label Distribution Protocol (LDP) route with indirect next-hop exists (e.g. LDP egress-policy is used to advertise BGP route into LDP), the rpd might crash when the LDP route is deleted from the AE interface.
PR Number Synopsis Category: Multiprotocol Label Switching
1427414 MPLS LSP auto-bandwidth statistics miscalculations might lead to high bandwidth reservation.
Product-Group=junos
With auto-bandwidth configured for Resource Reservation Protocol (RSVP) Label Switched Path (LSP), when current stats collected are lower than previous values, the current stats is used to calculate rate and the rate can be skewed, hence large bandwidth might be wrongly reserved for the LSP. If there is no sufficient resources (e.g. bandwidth, alternative path) in the network, other LSPs might be torn down, or might not go up.
PR Number Synopsis Category: MX104 Software - PHY drivers
1376574 Interface optic output power is not zero when the port has been disabled
Product-Group=junos
When using XFP, the interface optic output could be non-zero value even when the port has been administratively disabled.
PR Number Synopsis Category: Track Mt Rainier SPMB platform software issues
1460992 Hardware failure in CB2-PTX causes traffic interruption.
Product-Group=junos
In PTX 3000/5000 platforms with CB2-PTX (Control Board), there is an existence of an errata on a clock signal component manufactured by a third-party supplier, which might cause the Switch Processor Mezzanine Board (SPMB) and Switch Interface Boards (SIBs) failure, eventually, traffic will be interrupted.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1496429 The Routing Engine might crash when a large number of next hops are quickly deleted and added again in a large ARP or ND scaled scenario.
Product-Group=junos
On all Junos platforms with large ARP/ND scale scenario, if a large number of nexthops are deleted and re-added very quickly (such as a result of link flap), the memory corruption might occur and eventually cause RE crash.
PR Number Synopsis Category: Kernel Composite Next Hop (composite / l3vpn) Infrastructure
1287956 Not following the guideline of rebooting entire chassis after changing chassis network-services configuration can cause vmcore and crash of FPCs/routing-engines on chassis.
Product-Group=junos
When configuration at hierarchy [edit chassis network-services] is changed a reboot of chassis is needed to avoid any unexpected behavior. One such behaviour is an assert condition due to issues in nexthop allocation leading to vmcore and reboot of FPCs/REs on the chassis. This PR introduces changes to handle such assert conditions gracefully and to avoid FPC/RE crash. The guideline of rebooting the entire chassis when configuration change is made is still valid.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1505864 The installation fails when upgrading from legacy Junos OS to specific BSDx-based Junos OS.
Product-Group=junos
The installation might fail when upgrading from legacy Junos (before Junos 15.1) to higher BSDx based Junos releases (Junos 15.1 and after).
1518898 The kernel might crash if a file/directory is accessed for the first time and is not created locally.
Product-Group=junos
On the Junos with Virtual Filesystem (VirtFS), if a file/directory is accessed for the first time and is not created locally, the kernel might crash and generate a vmcore file. Junos might reboot due to this issue.
PR Number Synopsis Category: PE based L3 software
1500798 BFD sessions flap after deactivating or activating the aggregated Ethernet interface or executing GRES.
Product-Group=junos
On QFX10008 platforms, if the BFD is configured over an AE interface (member link across multiple FPCs), deactivating/activating the AE interface or executing GRES will cause the BFD sessions to flap.
PR Number Synopsis Category: Protocol Independant Multicast
1487636 The rpd might crash when perform GRES with MSDP configured
Product-Group=junos
On all Junos platforms, when execute Graceful Routing Engine Switchover (GRES) with Multicast Source Discovery Protocol (MSDP) enabled, rpd might crash on new master Routing Engine (RE). The issue could be automatically recovered after rpd successful self-restart. This is a timing and regression issue.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1449406 CRC error might be seen on the VCPs of the QFX5100 Virtual Chassis.
Product-Group=junos
In QFX5100 VC (Virtual Chassis) scenario, CRC (Cyclic Redundancy Check) error might be seen on the VCPs (Virtual Chassis Port) when the VCPs are "BCM84328 PHY" ports. The CRC error indicates there is data corrupt, the issue might reduce the system performance. The issue can be avoided by using non-"BCM84328 PHY" ports as VCPs to build the VC.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1383608 DMA failure errors might be observed when the cache is full or flushes. These errors might cause the device not to accept the SSH credentials and crash the Virtual Chassis.
Product-Group=junosvae
The DMA failure errors might be seen when the cache flush or the cache is full. It might cause the device not to accept ssh credentials and Virtual-Chassis to go into the hang state.
PR Number Synopsis Category: QFX platform optics related issues
1430115 Interface on QFX does not come up after the transceiver is replaced with one having different speed
Product-Group=junos
On QFX series platforms, interface may not come up when the transceiver is replaced with another transceiver which has different speed.
PR Number Synopsis Category: QFX L2 PFE
1408058 Traffic forwarding failed when crossing VCF members
Product-Group=junos
In VCF scenario, if one member of the VCF reboot, when transit unicast traffic across non-directly connected VCF members, traffic forwarding might fail.
PR Number Synopsis Category: QFX VC Infrastructure
1389872 FPC might crash on QFX5100 platforms in a large-scale scenario
Product-Group=junos
On QFX5100 platforms, if the size of the configuration is huge, when upgrade from a lower release to a higher one, the FPC might crash.
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1458595 The rpd process might crash if a BGP route is resolved over the same prefix protocol next hop in an inet.3 table that has both RSVP and LDP routes.
Product-Group=junos
In race condition, if a BGP route is resolved over the same prefix protocol next hop in an inet.3 table that has both RSVP and LDP routes, when the RSVP and LDP routes are flapping (firstly these routes are down and then up), the BGP route will be re-resolved, and then the rpd crash might be seen.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1459384 The rpd memory leak might be observed on the backup Routing Engine due to BGP flap
Product-Group=junos
In a BGP scenario when certain routes are flapping frequently, it could lead to rpd memory leak on backup Routing Engine. The rpd might crash and restart once the rpd runs out of memory for certain junos releases.
1498377 The route entries might be unstable after being imported into inet6.x RIB via rib-group
Product-Group=junos
When inet6.x (such as 6.1/6.2/6.3, and so on) is used as a non-primary RIB by rib-group, the import function issue might cause the route entries not to be modified correctly for IPv6 format, it might lead the received routes not to be imported successfully into the inet6.x RIB of the routing protocols. Then the network reachability might be impacted.
PR Number Synopsis Category: RPM and TWAMP
1434740 TWAMP session keep pending state when co-operate with non-Juniper device
Product-Group=junos
When a Juniper device co-operates with non-Juniper device on TWAMP feature, both sides will keep the control connection in pending state because of a difference in the formats of the timeout values exchanged. With this fix, 1. when the Juniper TWAMP client is on 19.1R2 or later releases and Juniper TWAMP server is on old releases (before 19.1R2 or lower), then there is a break in the interoperability between TWAMP client and TWAMP server. Only the first test iteration runs. After that, TWAMP server terminates the control connection as the timeout condition is not triggered by the TWAMP server due to the timeout counter having a negative value. TWAMP client must start the control connection once again using the "request services rpm twamp start client" if the test-count !=0. When the test-count = 0, thanks to the auto-restart feature (introduced with RLI-38342, starting from 19.1R1 onward), there is no need to restart the TWAMP client manually. 2. When the Juniper TWAMP client is on old releases (before 19.1R2 or lower) and Juniper TWAMP server is on 19.1R2 or later releases, then there is again a break in the interoperability between TWAMP client and TWAMP server. Only the first test iteration runs. After that, TWAMP server terminates the control connection as the timeout condition is not triggered by the TWAMP server due to the timeout counter having a huge value. TWAMP client must start the control connection( irrespective test-count value) once again using the "request services rpm twamp start client" due to the lack of auto-restart feature(RLI-38342) before 19.1 releases. 3.TWAMP client can be started by using the event-options commands (i.e. to restart it every 3 minutes) obs@obs-mx104-1-re0> show configuration event-options generate-event { CRON-3min time-interval 180; } policy TWAMP { events CRON-3min; then { execute-commands { commands { "request services rpm twamp start client"; } } } }
PR Number Synopsis Category: Generic issues on MS-PIC and MS-DPC related Services feature
1397259 SPD_CONN_OPEN_FAILURE: spd_svc_set_summary_query: unable to open connection to si-0/0/0 (No route to host)
Product-Group=junos
The following SPD failed messages are seen when jnxSpMIB Walk/Query is Polled: Oct 24 16:28:31 spd[5536]: SPD_CONN_OPEN_FAILURE: spd_svc_set_summary_query: unable to open connection to si-0/1/0 (No route to host) Oct 24 16:28:31 spd[5536]: SPD_CONN_FAILURE: Connection did not succeed (Pic is down or busy) error: libservicesui: Unable to connect to 128.0.1.16 at fpc-slot 0 and pic-slot 0 after 1 retries (errno = 65) NOTE: There is no functionality break due to these error logs. SNMP svc-set queries are not supported for MX Series inline services.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1402260 The mspmand process might crash with lots of error logs seen in high scaled MX platforms with MS-MPC/MS-MIC
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC, if "services-options tcp-tickles" is enabled for the Transmission Control Protocol (TCP) traffic which needs TCP tickles packets, when there are high scale of application sessions and traffic loaded (e.g. 200K sessions), there might be lots of error logs observed, together with the service interface flapping and the mspmand process crash.
1453811 Delay in freeing processed defragment buffers lead to prolonged flow control and might crash.
Product-Group=junos
On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. Refer to https://kb.juniper.net/JSA11037 for more information.
1489942 Prolonged flow control might occur with MS-MPC or MS-MIC
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1523631 MPC1/2/3/4/5/6 might reboot after performing IP Packet Fragment Reassembly with L2TP or GRE
Product-Group=junos
In MX with MPC1/2/3/4/5/6 scenario, if IP Packet Fragment Reassembly is configured with L2TP or GRE, some errors and some exception events related to IP Packet Fragment Reassembly might happen on MPCs, the fragment packets might not be processed correctly by PFE. Then MPC1/2/3/4/5/6 might reboot automatically.
PR Number Synopsis Category: Trio pfe qos software
1523881 Configured scheduler-map is not applied on ms- interface if the service PIC is in the Offline state during commit
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC card installed, when configuring Class of Service (CoS) scheduler-map on ms- interface, if the corresponding service PIC is in offline state at the moment of configuration commit, the configured scheduler-map will not get applied to the ms- interface after the PIC is brought online.
PR Number Synopsis Category: Trio pfe microcode software
1452261 In an Ethernet frame padding with VLAN scenario, if the fragment is a must, the VLAN Ethernet padding is required to minimize the frame size when the Ethernet frame length is less than 68 bytes, and equal to or greater than 64 bytes. But if the VLAN Ethernet padding is configured on a vlan-tagging enabled Ethernet interface, the fragment might not work correctly. The MPC error might be observed and the traffic might get lost.
Product-Group=junos
In an Ethernet frame padding with VLAN scenario, if the fragment is a must, the VLAN Ethernet padding is required to minimize the frame size when the Ethernet frame length is less than 68 bytes, and equal to or greater than 64 bytes. But if the VLAN Ethernet padding is configured on a vlan-tagging enabled Ethernet interface, the fragment might not work correctly. The MPC error might be observed and the traffic might get lost.
 

17.4R2-S12 - List of Known issues
PR Number Synopsis Category: EX4300 PFE
1376504 On EX4300-48MP, syslog error "Error in bcm_port_sample_rate_set(ifl_cmd) : Reason Invalid port" is seen.
Product-Group=junos
On EX4300-48MP, while running regression scripts, got syslog error "On EX4300-48MP, while running regression scripts, got"
PR Number Synopsis Category: Marvell based EX PFE MISC
1337008 PFE core seen only once during image downgrade to 17.4T
Product-Group=junos
This issue is specific to a downgrade(17.4T) and a core file is seen only once during the downgrade because of a timing issue in the sdk toolkit upgrade. After the upgrade, dcpfe recovers on its own and no issues are seen after that.
PR Number Synopsis Category: NFX Series Platform Software
1462556 Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669)
Product-Group=junos
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to https://kb.juniper.net/JSA11066 for more information.
PR Number Synopsis Category: QFX PFE L2
1455161 Unequal LAG hashing might happen on QFX devices
Product-Group=junos
On QFX5100/QFX5110/QFX5120/QFX5200/QFX5210 Series platforms with load-balance configuration, the uneven traffic distribution might be seen on the link aggregation group (LAG) interfaces.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1444845 On the QFX5100 Virtual Chassiss, the CRC errors might be observed.
Product-Group=junos
In QFX5100 Virtual Chassis(VC) scenario, if the VC connections are disconnected for any reason, like rebooting the switch or pulling out the optical module, the CRC errors and packets loss might be seen when the VC connections resume working again. Due to the VCP ports are not getting initialized properly.
1455547 Core files might get generated during the addition or removal of the EVPN type-5 routing instance.
Product-Group=junos
On QFX platforms, the coredump might occur during adding/removing EVPN Type-5 routing instance. The EVPN route would be corrupted and traffic/service impact appears if hitting the issue.
1486632 System upgrade/installation might fail on QFX 5100-48T-6Q VC/VCF
Product-Group=junos
On QFX 5100-48T-6Q VC/VCF, RCP error might be seen while upgrading the system using "request system software add  no-validate" and system upgrade/ installation could fail. This issue happens if DCPFE cpu utilization is very high.
PR Number Synopsis Category: CoS support on ACX
1531413 "show class-of-service routing-instance" is not showing configured classifier on ACX platforms
Product-Group=junos
This classifier display got blocked due to PR 1353828, where they are blocking the classifier display function as ACX supports only IFD based classification. With fix of PR1531413, it made an exception to IFL lsi interface attached to layer 3 vpn routing-instances
PR Number Synopsis Category: jdhcpd daemon
1430874 Junos OS: jdhcpd process crash when forwarding a malformed DHCP packet. (CVE-2020-1661)
Product-Group=junos
On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. Refer to https://kb.juniper.net/JSA11056 for more information.
PR Number Synopsis Category: IPSEC/IKE VPN
1517262 The flowd might crash in IPsec VPN scenario
Product-Group=junos
On SRX platforms with IPsec VPN configured, the flowd might crash during the IPsec VPN rekey window. The traffic/service might be impacted if hitting this issue.
PR Number Synopsis Category: Multicast for L3VPNs
1425876 MVPN using PIM dense mode does not prune the OIF when PIM prune is received.
Product-Group=junos
In the MVPN (Multicast Virtual Private Network) scenario, when PIM Dense mode is used, the egress PE might not prune the OIF (outgoing interface) when PIM prune is received.
PR Number Synopsis Category: PE based L3 software
1518106 The BFD sessions might flap continuously after disruptive switchover followed by GRES.
Product-Group=junos
Disruptive switchover (no GRES or NSR configured) can lead to stale PPM (Periodic Packet Management) entries programmed on the new master RE, if both GRES and NSR are activated after disruptive switchover and then a GRES switchover is performed, BFD sessions might flap continuously.
PR Number Synopsis Category: Protocol Independant Multicast
1542573 Continuous rpd crash might be seen if "static group" is added into "protocol pim"
Product-Group=junos
when the static group is configured under protocols pim, continuous rpd crash might happen, which will eventually cause rpd to be down. Please use IGMPv3 static join instead if not otherwise instructed to avoid this issue.
PR Number Synopsis Category: Filters
1455177 A firewall filter might not be able to be applied in a particular VC/VCF member as TCAM space running out
Product-Group=junos
On QFX51/EX4300/EX4600 VC/VCF scenario with Vxlan used, when configuring a firewall filter and commit, the firewall filter might not be able to be applied in a particular VC/VCF member for TCAM space running out.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1406242 QFX5200/5100 might not be able to send out control plane traffic to the peering device
Product-Group=junos
On all QFX5200/5100 platforms, the router might not be able to send out control plane traffic to the peering device along with "Failed to allocate 16384 DMA memory" messages. All the routing protocols running over the affected interfaces will be down due to this issue, and therefore it impacts the service.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1472222 The following line card errors are seen: HALP-trinity_nh_dynamic_mcast_add_irb_topo:3520 snooping-error: invlaid IRB topo/ IRB ifl zero in l2 nh 40495 add IRB.
Product-Group=junos
Linecard Errors found at HALP-trinity_nh_dynamic_mcast_add_irb_topo:3520 snooping-error: invlaid IRB topo/ IRB ifl zero in l2 nh 40495 add IRB
PR Number Synopsis Category: Configuration management, ffp, load action
1427962 Changing nested apply-groups does not occur
Product-Group=junos
When the nested apply-groups applied is deleting, the logical interface under the nested groups is not removed.
PR Number Synopsis Category: Web-Management UI
1513612 Installing J-Web application package may fail on the EX2300/EX3400 platforms
Product-Group=junos
On the EX2300/EX3400 platforms, J-Web application package may fail to be installed with the affected releases.
 
Modification History:
First publication 2020-11-09
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search