Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

19.4R2-S3: Software Release Notification for JUNOS Software Version 19.4R2-S3

0

0

Article ID: TSB17918 TECHNICAL_BULLETINS Last Updated: 23 Nov 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 19.4R2-S3 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 19.4R2-S3 is now available.

19.4R2-S3 - List of Fixed issues
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1481151 Memory utilization enhancement is needed.
Product-Group=junos
RPD memory chunk size is optimized for ACX platform to reduce the memory foot print.
PR Number Synopsis Category: Sflow on qfx10k/ptx series PRs for defect & enhancement req
1521732 Output interface index in SFLOW packet is zero when transit traffic is observed on the IRB interface with VRRP enabled
Product-Group=junos
When VRRP is enabled on IRB interface and SFLOW is enabled on QFX10000 Series platforms, output interface Index in SFLOW packet will be zero for the traffic destined to VRRP MAC address.
PR Number Synopsis Category: Multicast for L3VPNs
1546739 MVPN multicast route entry may not be properly updated with actual downstream interfaces list
Product-Group=junos
In multicast VPN RPT-SPT mode with both locally and remotely connected receivers, the multicast forwarding entry related to the actual downstream interfaces may not be properly updated. The issue may happen when multicast forwarding entry is created by locally connected PIM receiver, followed by remote receiver and after local receiver decides to prune its membership in that multicast group.
PR Number Synopsis Category: vMX Data Plane Issues
1544856 The riot forwarding daemon crash might be observed on vMX based platforms configured with IRB interface
Product-Group=junos
On vMX based platforms enabled with IRB interface, the riot forwarding daemon crash might be observed which could lead to traffic loss.
PR Number Synopsis Category: Protocol Independant Multicast
1501722 The rpd process might crash in a multicast scenario with BGP configured.
Product-Group=junos
In multicast scenario with BGP configured, when a new BGP link is brought up (such as, after updating specific BGP policies), which changes the RPF neighbor information and this update causes the rpd core to happen. The issue is seen only while updating RPF neighbor information and not seen while building it for the first time.
PR Number Synopsis Category: KRT Queue issues within RPD
1493963 The rpd process generates a core dumps
Product-Group=junos
On EVO platforms running BGP with knob 'route-record' or sampling, the rpd might crash if BGP paths exceed around 5600K.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1507638 On all Junos OS dual-Routing Engine GRES or NSR enabled routers, the rpd process might crash on a new primary Routing Engine if the Routing Engine switchover occurs right after massive routing-instance deletion.
Product-Group=junos
On all Junos platforms, if GRES and NSR are enabled at a dual-RE router and if RE switchover happens (either manually or due to some other reasons) right after deleting a big number of routing instances, then rpd at a new primary RE could crash once. Once a new primary RPD crashed, it will restart by itself.
PR Number Synopsis Category: IPSEC functionality on M/MX/T ser
1544794 CMVTS:mspmand cored at pconn_client_try_connect (clnt=0x10064ae00) at ../../../../../src/junos/lib/libconn/pconn_conn.c:2155
Product-Group=junos
During activate/deactivate of interfaces multiple times, sometimes mspmand may core in pconn library because of NULL pointer access. The service pic will auto-recover after a reboot.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1506861 The MEP session on the aggregated Ethernet interface might not come up if OAM runs with PPM mode by default.
Product-Group=junos
On MX platform running with enhance IP mode or enhanced ethernet mode, also, Operation, Administration and Maintenance (OAM) is enabled with Periodic Packet Management (PPM) mode by default, maintenance association end point (MEP) session might be failed to create. In the end, network connection failure might not be efficiently monitored. This is functional impact.
1542211 Trio-based FPC might crash when the underlying layer 2 interface for ARP over IRB interface is changed from physical interface to LSI interface
Product-Group=junos
This issue applies to a Trio-based FPC using the integrated routing and bridging (IRB) interface with a VPLS instance using the label-switched interface (LSI) to provide VPLS functionality. The FPC may restart unexpectedly. The restart is triggered when the underlying layer-2 interface for ARP over IRB interface changes from the physical interface to the LSI interface.
PR Number Synopsis Category: VSRX platform software
1524243 The control link may be broken when there is excessive traffic load on the control link in vSRX cluster deployment
Product-Group=junosvae
In the vSRX2.0 cluster running on KVM, when there is excessive traffic load on the control link (em0 link), the error message kernel: em0: watchdog timeout on queue 0 might be shown in the syslog. This interruption might cause the cluster control link to fail and dynamic routing protocols not to work properly.
 

19.4R2-S3 - List of Known issues
PR Number Synopsis Category: NFX Series Platform Software
1462556 Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669)
Product-Group=junos
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to https://kb.juniper.net/JSA11066 for more information.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1500508 On the QFX5100 Virtual Chassis or Virtual Chassis fan, traffic loss on multiple traffic streams is observed after reboot and the interfaces of the Virtual Chassis node flaps.
Product-Group=junos
On QFX5100 VC/VCF : Observing traffic loss on multiple traffic streams after reboot and flapping the interfaces of the VC node
PR Number Synopsis Category: ACX Services feature
1504717 Observed core-ripsaw-node-aftd-expr on ACX6360
Product-Group=junos
Argus/Capella support is limited to 19.4R2-S2
PR Number Synopsis Category: Border Gateway Protocol
1538956 [bgp] [VMX Regressions: After move peer out of protection group, path protection not removed from the PE router -- Multipath route still present]
Product-Group=junos
After move peer out of protection group, path protection not removed from the PE router -- Multipath route still present
PR Number Synopsis Category: Device Configuration Daemon
1407295 Both nodes in the SRX Series chassis cluster go into DB mode after downgrading to Junos OS Release 18.1.
Product-Group=junosvae
Both nodes in the SRX cluster went into db mode after downgrading to 18.1 when the vlan-tagging configured on reth interfaces, but vlan-id is not configured
PR Number Synopsis Category: Covers Application classification workflows apart from custo
1545580 AppID : Need syslog to indicate signature download completion
Product-Group=junos
PR - 1550350 to track it, please refer to it.
PR Number Synopsis Category: mgd, ddl, odl infra issues
1522339 Compressed /var/log/ creation through file archive compress might fail on certain PTX platforms running Junos Evolved.
Product-Group=junos
Compressed /var/log/ creation via "file archive compress" might fail on certain PTX platforms running Junos Evolved.
PR Number Synopsis Category: Express PFE FW Features
1420560 On the PTX3000 routers, the firewall counter for lo0 does not increment.
Product-Group=junos
Issue will not be fixed in 19.1 release, will be fixed in subsequent releases.
PR Number Synopsis Category: Fabric Manager for MX
1482124 Fabric healing logic incorrectly makes all MPC line cards go offline in the MX2000 router while the hardware fault is located on one specific MPC line card slot.
Product-Group=junos
In specific MPC hardware failure conditions within the MX2K platform, fabric healing will attempt to auto-heal the fault location in 3 phases to prevent traffic blackholing. If under such fault conditions only destination timeouts are reported without corresponding link errors, the fabric healing process might restart all MPCs in phase-2 in an auto-healing attempt and if the error condition appears again within 10 minutes the last phase-2 might offline all MPCs in the system.
PR Number Synopsis Category: KRT Queue issues within RPD
1505769 Traffic flow might be blocked if MTU configured under IFD is greater than MTU configured under IFF
Product-Group=junos
On EVO platforms, if MTU configured under physical interface (IFD) is greater than MTU configured under same interface with family inet or family inet6 (IFF), aftmand might have catastrophic event. In the end, no traffic could be forwarded by aftmand. Please make sure IFD MTU need to be configured with smaller value than IFF MTU.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1533857 FPC crash might be observed when the ASIC's NH memory exhausted in the EVPN-MPLS scenario
Product-Group=junos
On all MX/EX92xx platforms with EVPN-MPLS configured, NH (Next-Hop) memory leak in Trio ASIC happens whenever there is a route churn for remote MAC-IP entries learned bound to the IRB interface in EVPN-MPLS routing-instance. When the ASIC's NH memory partition exhausted (free% NH memory is close to 20% or below), which will result in the line card to reboot.
 
Modification History:
First publication 2020-11-23
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search