Search our Knowledge Base sites to find answers to your questions.
Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles18.4R2-S6: Software Release Notification for JUNOS Software Version 18.4R2-S6
Junos Software service Release version 18.4R2-S6 is now available.
18.4R2-S6 - List of Fixed issues| PR Number | Synopsis | Category: Bi Directional Forwarding Detection (BFD) |
|---|---|---|
| 1410021 | BFD link failure detection of the broken path gets delayed when IGP link-state update is received from the same peer through an alternative path. Product-Group=junos |
Under BFD for IGP scenario, there is more than one path existing between the two IGP peers. If the IGP (OSPF or ISIS) peer receives IGP link-state update through an alternative path when one of the paths is down and BFD session of this link is a timeout, BFD hold timer will refresh which finally causes a delay on BFD link-failure detection. |
| PR Number | Synopsis | Category: Border Gateway Protocol |
| 1517498 | The rpd process might crash after deleting and then adding a BGP neighbor. Product-Group=junos |
In BGP scenario on all Junos platforms, after deleting and re-adding a BGP neighbor, the rpd might crash due to a rare timing issue. |
| PR Number | Synopsis | Category: EVPN control plane issues |
| 1439537 | The RPD process might crash after committing changes Product-Group=junos |
The RPD process might crash after committing changes. This issue might be seen if the following conditions are met: * On EX/QFX switches and applicable for all JUNOS platforms * EVPN is configured Traffic loss may happen due to RPD core. |
| PR Number | Synopsis | Category: Libjtask for RPD tasks, scheduler, timers, memory, and slip |
| 1401396 | The rpd generates the following core files: cmgr_if_route_exists_condition_init, ctx_handle_node, task_reconfigure_complete. Product-Group=junos |
The rpd might crash and restart when condition-manager policy is configured for routing table and the same routing table is repeatedly deleted then re-added. The issue is not fixed in 19.2R1, and it is fixed in 17.4R2-S8-J1 17.4R2-S9 18.2X75-D33 19.2R2 19.2R2-EVO 19.3R1 19.3R1-EVO 19.4R1. |
| PR Number | Synopsis | Category: Integrated Routing & Bridging (IRB) module |
| 1453025 | The IRB traffic might get drop after mastership switchover Product-Group=junos |
In the Virtual-Chassis scenario with mac-persistence-timer enabled, the IRB traffic might get drop after master switchover. |
| PR Number | Synopsis | Category: Layer2 forwarding on EX/NTF/PTX/QFX |
| 1534796 | High rate of ARP or NS packets might be observed between a device that runs Junos OS and host when the device that runs Junos OS receives an ARP or NS packet on an interface in transition. Product-Group=junos |
On Junos device in EVPN scenario, if an interface is in transition status and an ARP request is received on the interface from a host, the Junos device may send out re-arp out towards the host, and the host responds to this re-arp and the Junos device sends another re-arp in response to this arp reply from host. This goes forever causing high rate of arp packets until the interface comes up. This issue is also applicable to ND/NS in IPv6 environment. |
| PR Number | Synopsis | Category: lacp protocol |
| 1463791 | Member links state might be asychronized on a connection between the PE and CE devices in an EVPN active/active scenario. Product-Group=junos |
In EVPN multi-homed active/active scenario, when LACP is enabled on PE-CE child member links and after recovering from a core-isolation on the PE device, the PE-CE child member links might be stuck in Detached state if LACP sync-reset feature is enabled on the CE device. The child links on the CE device might show the LACP state as Collecting Distributing. However, on the PE devices, the LACP state might be shown as Detached. |
| 1505523 | The aggregated Ethernet interface sometimes might not come up after switch is rebooted. Product-Group=junos |
In Junos platforms with LACP and knob "minimum-links" enabled scenario, AE interface might not come up after the switch is rebooted or the AE interface is deactivated/activated. This is because the knob "sync-reset" is enabled. ("sync-reset" is enabled by default on QFX and EX platforms, and it only needs to use when the "minimal link" is not supported on one side of an LACP). |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1448769 | Deleting constituent-list used by an abstract-hop causes rpd crashed Product-Group=junos |
On MX, PTX and QFX platform, when MPLS traffic engineering (TE) and adminstrative group feature enabled, abstract-hop configuration need to be removed before deleting adminstrative group feature in order to avoid routing protocol daemon (rpd) crash issue. |
| PR Number | Synopsis | Category: OS IPv4/ARP/ICMPv4 |
| 1496429 | The Routing Engine might crash when a large number of next hops are quickly deleted and added again in a large ARP or ND scaled scenario. Product-Group=junos |
On all Junos platforms with large ARP/ND scale scenario, if a large number of nexthops are deleted and re-added very quickly (such as a result of link flap), the memory corruption might occur and eventually cause RE crash. |
| PR Number | Synopsis | Category: Kernel Stats Infrastructure |
| 1508442 | SNMP polling might return an unexpectedly high value for the ifHCOutOctets counter for a physical interface when any jnxDom OID is processed at the same time. Product-Group=junos |
When actual transmitted load is configured for interface as: set interfaces interface-transmit-statistics And ifHCOutOctets OID is polling together with any jnxDom OIDs for the same interface with time interval between pollings equal or less then one second, the resulted value of ifHCOutOctets may be unexpectedly high |
| 1522561 | OID ifOutDiscards reports zero and sometimes shows valid value. Product-Group=junos |
OID ifOutDiscards reports zero and sometimes shows valid value. user@router> show snmp mib get ifOutDiscards.514 | refresh 3 ---(refreshed at 2020-07-10 12:54:07 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:10 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:13 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:16 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:19 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:22 IST)--- ifOutDiscards.514 = 241974 ---(refreshed at 2020-07-10 12:54:25 IST)--- ifOutDiscards.514 = 241974 ---(refreshed at 2020-07-10 12:54:28 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:31 IST)--- ifOutDiscards.514 = 0 |
| PR Number | Synopsis | Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI |
| 1456742 | The laser from the 10G SFP+ interface is still on when the interface is disabled or the device is rebooted Product-Group=junos |
On the QFX5210/QFX5110/QFX5100 platform, the laser is still emitting from 10G SFP+ port even though the interface is disabled or the device is rebooted. It will cause the peer's interface is still up and might impact traffic. |
| 1507044 | The archival function might fail in certain conditions. Product-Group=junos |
If the archival function is enabled with the statement "routing-instance" and transfer mode is set as SFTP/SCP for archive-sites, it may not work and fail to transfer the files. |
| PR Number | Synopsis | Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous) |
| 1454527 | On the QFX5000 line of switches, the dcpfe process crashes due to the usage of data that is not null getting terminated. Product-Group=junosvae |
The dcpfe crash is due to usage of data which is not NULL terminated on QFX5K. |
| PR Number | Synopsis | Category: RPD Next-hop issues including indirect, CNH, and MCNH |
| 1406070 | The rpd might crash or duplicated routes might be seen when you change the configuration with BGP multipath and flapping routes. Product-Group=junos |
On all platforms, if doing configuration change (with BGP multipath) and flapping the IGP/LDP/RSVP routes simultaneously, the rpd crash or duplicated routes might be seen. |
| PR Number | Synopsis | Category: RPD policy options |
| 1538172 | If upgrade to a specific version, the configuration validation may fail and the rpd may crash Product-Group=junos |
On all Junos OS platforms with "set policy-options rtf-prefix-list" configured, if upgrade to a specific version, the device might fail to validate its configuration which eventually causing rpd to crash unexpectedly due to a software fault. |
| PR Number | Synopsis | Category: Resource Reservation Protocol |
| 1368177 | The rpd might restart after an MPLS LSP flap if no-cspf and fast-reroute are configured in an LSR ingress router. Product-Group=junos |
RPD may restart unexpectedly after an MPLS LSP flap when "no-cspf" and "fast-reroute" are configured in LSR ingress router |
| PR Number | Synopsis | Category: MX10003/MX204 Linux issues (including driver issues) |
| 1492121 | MX10003 RCB always detect fire temp and shutdown in short time after downgrade from POST to PRE PR1413210 version Product-Group=junosvae |
Root Cause of the problem: As part of PR-1413210's fix, temperature sensor TMP435's extended binary mode enabled permanently to read negative temperature value correctly, which was causing to read incorrect temperature value(High temperature value) while downgrading the image (any image which doesn't have fix for PR-1413210). Hence high temperature value was forcing system to shutdown. Solution Provided: Extended binary mode is only enabled when required and then disabled again. Hence no issue while downgrading/upgrading the image. |
| PR Number | Synopsis | Category: Trio pfe bridging, learning, stp, oam, irb software |
| 1451559 | In EVPN-VXLAN scenario, sometimes host-generated packets gets dropped as hitting reject route in Packet Forwarding Engine. Product-Group=junos |
The host generated packets might be dropped in the EVPN/VXLAN scenario due to hitting the "reject route" policy in PFE. |
| 1513509 | During route table object fetch failure, the FPC might crash. Product-Group=junos |
Due to rare timing issue, the FPC might crash because of route table object fetch failure in EVPN multihoming scenario. |
| PR Number | Synopsis | Category: Marvell based EX PFE L3 |
|---|---|---|
| 1516883 | Traffic load balancing on Onyx/EX (TD3) platforms with static ECMP hashing Product-Group=junos |
Broadcom asic uses a static hashing and RTAG7 hash algorithm might be alike on each chipset. Hence, it is recommended to fine tune hash parameters based on the Traffic profile used when deviation in load balance is observed. On TD3 chipset based platforms, following configuration is required to fine tune hashing deviation if any 1. set forwarding-options enhanced-hash-key hash-parameters ecmp offset 29 2. set forwarding-options enhanced-hash-key hash-parameters ecmp preprocess |
| PR Number | Synopsis | Category: NFX Series Platform Software |
| 1462556 | Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669) Product-Group=junos |
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to https://kb.juniper.net/JSA11066 for more information. |
| PR Number | Synopsis | Category: QFX PFE L2 |
| 1261824 | Elit_EVPN-VXLAN : dc-pfe core after adding a IRB in the same routing instance as that of the underlay vtep interface Product-Group=junos |
In EVPN-VXLAN deployment with QFX10k switches, when vxlan enabled IRB interface is configured in the same routing instance as that of the the underlay vtep tunnel and if the remote VTEP interface IP is resolved over the IRB interface using routing protocols or static route, dc-pfe cores would be generated and all the interfaces would go down. dc-pfe cores would be continuously generated until configuration is corrected. |
| 1496766 | Flow control is enabled in PFE irrespective of interface configuration and the fix causes a very small amount of packet loss when a parameter related to an interface such as "interface description" on any port is changed. Product-Group=junos |
On QFX5120 and QFX5210 running JunosOS 18.4R2-S5, 18.4R2-S6, 18.4R3-S5, 19.3R3 releases, there will be a very small amount of packet loss when a parameter related to an interface such as "interface description" on any port is changed. When the parameter is changed, COS buffer modifications is checked. Even when there is no change in previous and present COS buffer state for port, COS buffer modifications is unnecessarily performed and is calling traffic block and unblock and causing a very small amount of packet loss. This will be fixed in the following releases. Junos OS 18.4R2-S7, 18.4R3-S6, 19.3R3-S1 and all subsequent releases. |
| PR Number | Synopsis | Category: Border Gateway Protocol |
| 1456260 | Packet drop and CPU spike on Routing Engine might be seen in certain conditions if labeled-unicast protection is enabled for a CsC-VRF peer. Product-Group=junos |
On all Junos OS platforms under carrier supporting carrier (CsC) scenario, when PE link protection (labeled-unicast protection) is enabled, after one of the redundant links between CsC-CE flap or RSVP-TE LSP re-route from the primary path happens, it might result in slow convergence issue. Packets drop and CPU spike on the Routing Engine might be seen during this period. |
| PR Number | Synopsis | Category: Device Configuration Daemon |
| 1539991 | The logical interface might flap after adding or deleting native VLAN configuration Product-Group=junos |
On EX/QFX platforms, the unrelated logical interface on a physical interface would flap when adding or deleting native VLAN configuration on the physical interface. |
| PR Number | Synopsis | Category: EVPN control plane issues |
| 1521526 | ARP table not updated in race condition after vmotion or network loop Product-Group=junos |
ARP table not updated in race condition after vmotion or network loop |
| PR Number | Synopsis | Category: Express PFE FW Features |
| 1432116 | The FPC might crash when a firewall filter is modified. Product-Group=junos |
In QFX10K/PTX series platforms, if a firewall filter with multiple match conditions is configured on interfaces which are Up and the firewall filter is modified (either a new action is added or the condition is added/removed etc.), the FPC might crash and restart. It might affect the service/traffic. |
| PR Number | Synopsis | Category: Express PFE including evpn, vxlan |
| 1538600 | BFD neighborship is failing with EVPN_VXLAN configuration after l2-learning restart Product-Group=junos |
With EVPN-VxLAN configuration, when restart of l2-learning command is executed, BFD sessions on IRB interface may not come up. |
| PR Number | Synopsis | Category: Multiprotocol Label Switching |
| 1506062 | The rpd process might crash when rpd restarts or GRES switchovers. Product-Group=junos |
On all Junos platforms with GR (Graceful Restart) and LSP (Label Switched Path) configured, if the /mfs/var/db/tag_restart.db file is corrupted, the rpd process might crash when triggering rpd restart or GRES (Graceful Routing Engine Switchover) switchover. Traffic loss might be seen during the rpd crash and restart. |
| PR Number | Synopsis | Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous) |
| 1449977 | FPC does not restart immediately after the system reboot that causes packet loss. Product-Group=junos |
On QFX10008 and QFX100016 switches, the traffic drop occurs after rebooting the system due to the time delay in rebooting the FPC. |
| PR Number | Synopsis | Category: Filters |
| 1514710 | In the VXLAN configuration, the firewall filters might not be loaded into the TCAM with the following message due to TCAM overflow after upgrading to Releases 18.1R3-S1, 18.2R1, and later : DFWE ERROR DFW: Cannot program filter. Product-Group=junos |
n QFX5000/EX4600 platforms with VxLAN scenario, firewall filters loading failure might happen due to Ternary Content Addressable Memory(TCAM) overflow, which may cause traffic impact if the Junos version is upgraded to 18.1R3-S1 / 18.2R1 or higher. This is because IPACL VxLAN filter is introduced on that releases to replace regular IPACL for VxLAN VLANs. And after upgrade, IPACL VxLAN filter needs more entries in TACM compared with regular IPACL, which makes TCAM to overflow, and even traffic will be impacted. |
| PR Number | Synopsis | Category: QFX L2 PFE |
| 1435561 | The l2ald memory leakage is observed when the VTEP or overlay BGP session flaps. Product-Group=junos |
When you restart the routing process, if the system is configured with EVPN service, memory of the Layer 2 learning daemon increases by 4000 when you use " show system processes extensive | match l2ald". |
| 1497993 | Traffic might get dropped if the aggregated Ethernet member interface is deleted or added, or a SFP of the aggregated Ethernet member interface is unplugged or plugged. Product-Group=junos |
On QFX5K/EX46xx platforms, if STP is configured on vlan but the AE interface which is part of that vlan is not configured with STP, after an AE member interface is deleted or a SFP of the AE member interface is unplugged, and when the deleted AE member interface is added back or the unplugged SFP is plugged again, traffic via that AE interface might get dropped. LACP and LLDP traffic are not affected by this issue. |
| PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
| 1537924 | ECMP over GRE does not work for BGP route Product-Group=junos |
ECMP over GRE does not work for BGP route. Traffic is polarized to just one egress interface but not distributed to multiple egress interfaces. |
| PR Number | Synopsis | Category: QFX EVPN / VxLAN |
| 1510794 | Multicast traffic loss is observed due to few multicast routes missing in the spine node Product-Group=junos |
In an EVPN-VXLAN scenario with scaled snooping configuration(for example, 100 vlan's with snooping enabled), traffic drops might be observed for multicast groups in few vlan's when "clear bgp sessions" is performed on all Spine devices. |
| PR Number | Synopsis | Category: QFX VC Infrastructure |
| 1528879 | On QFX5100 VC, if traffic engineering is configured then downgrade to 14.1 release from 17.3 or later release may fail. Product-Group=junos |
On QFX5100 VC, if traffic engineering is configured then downgrade to 14.1 release from 17.3 or later release may fail. |
| PR Number | Synopsis | Category: Trio pfe bridging, learning, stp, oam, irb software |
| 1488251 | MAC learning under bridge-domain stops after MC-LAG interface flaps. Product-Group=junos |
MAC learning under bridge-domain over MC-LAG interface stops after MC-LAG interface flap |
| PR Number | Synopsis | Category: UI Infrastructure - mgd, DAX API, DDL/ODL |
| 1448965 | Unexpected behavior might occur when you use the load override command. Product-Group=junos |
On all Junos platform, when CLI command 'load override ' is executed, unexpected behavior such as dot1xd core might be observed. The functionality of the dot1xd daemon might be impacted. |
| PR Number | Synopsis | Category: VNID L2-forwarding on Trio |
| 1517591 | MAC learning issue might happen when EVPN-VXLAN is enabled Product-Group=junos |
On MX platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or Proxy ARP role on VTEP might not work properly. This issue could happen when knob 'no-arp-suppression' is disabled under EVPN instance combined with static VXLAN implementation. Please refer to workaround provided when this issue hit. |
Getting Up and Running with Junos
Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search