Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

19.3R3-S1: Software Release Notification for JUNOS Software Version 19.3R3-S1

0

0

Article ID: TSB17933 TECHNICAL_BULLETINS Last Updated: 11 Dec 2020Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 19.3R3-S1 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 19.3R3-S1 is now available.

19.3R3-S1 - List of Fixed issues
PR Number Synopsis Category: EX4300 PFE
1518929 On the EX4300 device, the redirected IP traffic is being duplicated.
Product-Group=junos
On EX4300 platforms with IRB/L3 interface, the redirected traffic with the source from another subnet is getting duplicated.
1538401 LLDP neighborship might not come up on EX4300 non-aggregated Ethernet interfaces.
Product-Group=junos
On EX4300 platform, LLDP might not work on non-AE (Aggregated Ethernet) interfaces. However, it works fine for AE interfaces.
1548858 The targeted-broadcast feature may not work after a reboot
Product-Group=junos
On EX4300 Series platforms, the targeted-broadcast feature may not work after a reboot. It can be seen that no target-broadcast packets are received on the targeted-broadcast interface.
PR Number Synopsis Category: EX4300 Platform implementation
1502467 The mge interface might still stay up while the far end of the link goes down.
Product-Group=junos
On EX4300-48MP platforms which support multi-rate gigabit ethernet (mge) interfaces, if a mge interface which is located within port range 24-47 is connected with some specific devices (e.g. a bypass module from DELL), when the far end of the link goes down, the mge interface might still stay up due to this issue. It will lead to traffic drop when sending traffic via the affected link.
PR Number Synopsis Category: EX2300/3400 CP
1494712 The authentication session might be terminated if the PEAP request is retransmitted by an authenticator.
Product-Group=junos
On all Junos platforms with 802.1X (dot1x) enabled, if Protected Extensible Authentication Protocol (PEAP) request is not replied by supplicant in default time interval, it could cause the authenticator to retransmit PEAP proposal method message with new Extensible Authentication Protocol (EAP) ID. The new EAP ID is different from EAP ID sent by authentication server. As a result, mismatching EAP ID issue could terminate authentication session. In the end, supplicant cannot access network. Please consider increasing 'supplicant-timeout' to prevent this issue from happening.
PR Number Synopsis Category: EX-Series VC Infrastructure
1527170 On the EX4650 device, the following error message is observed during booting: kldload: an error occurred while loading the module.
Product-Group=junos
EX4650 prints the following messages during booting. The message does not have any effect on the feature or functionality hence can be safely ignored. --------------------------------------------------------- bcmsdk_5_9_x kldKLD bcmsdk_5_9_x.ko: depends on acb - not available or version mismatch linker_load_file: Unsupported file type kldload: an error occurred while loading the module. Please check dmesg(8) for more details. --------------------------------------------------------- pci-hgcomdev module loaded[: missing ] [: missing ] hw.dcf.flex_nonflex: 0 -> 0 kern.timecounter.hardware: TSC-low -> TSC-low *** Creating PVIDb..\n 894+0 records in 894+0 records out 464880 bytes transferred in 0.005812 secs (79986098 bytes/sec) ln: /usr/lib/dd/filter/libschema-filter-dd.tlv: File exists Copied libschema-filter-dd.tlv to /usr/lib/dd/filter\n Executing the Junos host files signature script Verified manifest signed by PackageDevelopmentECP256_2020 method ECDSA256+SHA256 [: missing ] mount_cd9660: /dev/gpt/junos: Invalid argument bcmsdk_5_9_x kldKLD bcmsdk_5_9_x.ko: depends on acb - not available or version mismatch <<<<<<<<<<<<<<<<<<<<<<<<<< linker_load_file: Unsupported file type <<<<<<<<<<<<<<<<<<<<<<<<<< kldload: an error occurred while loading the module. Please check dmesg(8) for more details. <<<<<<<<<<<<<<<<<<<<<<<<<< Junosprocfs mounted on /junosproc. @ 1594871283 [2020-07-16 03:48:03 UTC] mgd start Creating initial configuration: ... mgd: Running FIPS Self-tests veriexec: no fingerprint for file='/sbin/kats/cannot-exec' fsid=212 fileid=49356 gen=1 uid=0 pid=7174 mgd: FIPS Self-tests Passed ------------------------------------
PR Number Synopsis Category: QFX Access control list
1521763 Firewall "sample" configuration gives the warning as unsupported on QFX10002-36q and will not work.
Product-Group=junos
On QFX10002-36q, when inline-jflow is configured, the IPv4 firewall filter with 'sample' action gives a waring "unsupported platform" and will not work. On the other hand, the IPv6 firewall filter with 'sample' action will still work as expected.
PR Number Synopsis Category: QFX PFE L2
1496766 Flow control is enabled in PFE irrespective of interface configuration and the fix causes a very small amount of packet loss when a parameter related to an interface such as "interface description" on any port is changed.
Product-Group=junos
On QFX5120 and QFX5210 running JunosOS 18.4R2-S5, 18.4R2-S6, 18.4R3-S5, 19.3R3 releases, there will be a very small amount of packet loss when a parameter related to an interface such as "interface description" on any port is changed. When the parameter is changed, COS buffer modifications is checked. Even when there is no change in previous and present COS buffer state for port, COS buffer modifications is unnecessarily performed and is calling traffic block and unblock and causing a very small amount of packet loss. This will be fixed in the following releases. Junos OS 18.4R2-S7, 18.4R3-S6, 19.3R3-S1 and all subsequent releases.
1521324 The MAC address in the hardware table might become out of synchronization between the master and member in Virtual Chassis after the MAC flaps.
Product-Group=junos
When MAC address moves over the member in Virtual Chassis, the MAC address's learning port in Internal Hardware MAC table may be out of sync between Master and member and this may lead to misforwarding. This will be an extremely rare occurrence. If the issue happens, you can issue "clear ethernet-switching table " command to restore the communication.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1486632 System upgrade/installation might fail on QFX 5100-48T-6Q VC/VCF
Product-Group=junos
On QFX 5100-48T-6Q VC/VCF, RCP error might be seen while upgrading the system using "request system software add  no-validate" and system upgrade/ installation could fail. This issue happens if DCPFE cpu utilization is very high.
PR Number Synopsis Category: QFX VC Datapath
1519893 On QFX5120 and QFX5210 platforms unexpected storm control events might happen
Product-Group=junosvae
On QFX5120 and QFX5210 platforms unexpected storm control events might happen. A new knob on the fixed versions is required to avoid this behavior: set forwarding-options storm-control enhanced
PR Number Synopsis Category: Accounting Profile
1505409 The DHCP subscribers might get stuck in terminated state for around 5 minutes after disabling cascade ports.
Product-Group=junos
On the Junos fusion provider edge with subscriber management configured, the DHCP subscribers might get stuck in terminated state for around 5 minutes after disabling cascade ports. After 5 minutes, the original sessions will be aging timeout automatically and then the subscribers can login again.
PR Number Synopsis Category: CoS support on ACX
1493518 On the ACX5048 and ACX5096 routers, the LACP control packets might be dropped due to high CPU utilization.
Product-Group=junos
On ACX5048/ACX5096 platforms, when one of the child links in AE goes down brings entire AE down due to high CPU.LACP control packets might get dropped as the port is blocked for a temporary period.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1481151 Memory utilization enhancement is needed.
Product-Group=junos
RPD memory chunk size is optimized for the ACX platform to reduce the memory footprint.
PR Number Synopsis Category: ACX GE, 10GE, PoE, IDT framers
1523418 Interface does not come up with the autonegotiation setting between ACX1100 routers and QFX Series switches, MX Series routers, and ACX Series routers as the other end.
Product-Group=junosvae
Broadcom chipset Patch provided to address TD2+ and TD chip set address the remote fault issue.
PR Number Synopsis Category: a20a40 specific issue
1522130 Syslog reporting "PFE_FLOWD_SELFPING_PACKET_LOSS: Traffic impact: Selfping packets loss/err: 300 within 600 second" error messages in node 0 and node1 control panel.
Product-Group=junos
Syslog reporting "PFE_FLOWD_SELFPING_PACKET_LOSS: Traffic impact: Selfping packets loss/err: 300 within 600 second" error messages in node 0 and node 1 control panel.
PR Number Synopsis Category: BBE multicast related issues
1536149 Multicast traffic might be sent out through unexpected interfaces with distributed IGMP enabled.
Product-Group=junos
On MX platforms with enabled subscriber services, if distributed IGMP is enabled on subscriber dynamic interfaces and there are static interfaces are configured on the same fpc, and fpc is reloaded or interfaces flapped, then multicast may get enabled on static interface and the multicast traffic may be sent out through unexpected interface.
PR Number Synopsis Category: Border Gateway Protocol
1538491 Configuring 'then next-hop' and 'then reject' on a route policy for the same route might cause rpd crash
Product-Group=junos
On all Junos platforms with BGP enabled, if a policy is setting 'then next-hop' and 'then reject' at the same time for the same prefix, rpd crash might be seen. Like the following: set policy-options policy-statement xxx term 1 from route-filter xxx set policy-options policy-statement xxx term 1 then next-hop ... set policy-options policy-statement xxx term 2 then reject
PR Number Synopsis Category: BBE Remote Access Server
1405855 Subscriber accounting messages retransmissions exist even after configuring accounting retry 0.
Product-Group=junos
When accounting-retry 0 is configured under the [access radius-server ] stanza, MX still attempts to re-transmits/retries accounting message to the AAA accounting Server
PR Number Synopsis Category: QFX Control Plane VXLAN
1538117 evpn/vxlan registers mac-move counters under "system statistics bridge" even though there is no actual mac-move for MH (multi-home) clients
Product-Group=junos
When using EVPN VXLAN, the "mac-move" counter under the "show system statistics bridge" may show a higher event count than the actual MAC moved events
PR Number Synopsis Category: VPWS, L2 CKT, EVPN-VPWS
1527085 On the ACX5448 and ACX710 routers, the vlan-id-list statement might not work as expected.
Product-Group=junos
On the ACX5448/ACX710 platforms, the statement "vlan-id-list" may not work as expected on a logical interface where the statement "encapsulation vlan-ccc" is configured, if the number of VLANs in the range is more than 16.
PR Number Synopsis Category: Layer 3 forwarding, both v4+v6
1491261 VPLS flood groups result in IPv4 traffic drop after the core interface flaps.
Product-Group=junos
VPLS flood groups result in IPv4 traffic drop after core interface flap.
PR Number Synopsis Category: JUNOS Dynamic Profile Configuration Infrastructure
1526934 Family IPv6 do not come up for the L2TP subscriber when additional attributes are not passed in the Framed-IPv6-Route VSA
Product-Group=junos
In DHCP/PPP Subscriber scenario with IPv6 dynamic-profile configured, all the additional attributes (route prefix, next-hop, metric, preference, tag) for IPv6 access route must be fully specified in dynamic-profile and passed via RADIUS server, otherwise family inet6 might not come up.
PR Number Synopsis Category: Ethernet OAM (LFM)
1500048 The FPC process might crash in inline mode with CFM configured.
Product-Group=junos
On the Junos platforms with inline mode CFM (Connectivity Fault Management) configured, if there are several CFM adjacencies flapping, due to the flaw in the CFM module to process the error-adjacencies messages, the FPC may crash alongside with NPC core-dump file generated. All services/traffic configured on the FPC will see outage till FPC recovers from an automatic reboot.
PR Number Synopsis Category: mgd, ddl, odl infra issues
1458345 "persist-groups-inheritance" causes the "mustd" process to crash and issues commit failure
Product-Group=junos
"persist-groups-inheritance" configuration option causes the "mustd" process to crash when one performs the "commit" action.
PR Number Synopsis Category: EVPN control plane issues
1521526 ARP table might not be updated after performing VMotion or a network loop
Product-Group=junos
On all Junos platforms with EVPN configured, the ARP table might not get updated. This issue happens after performing VMotion in a network or having a network loop.
1530991 The rpd might crash when auto-service-id is configured in EVPN VPWS scenario.
Product-Group=junos
On all Junos platforms with EVPN VPWS scenario, if auto-service-id is configured and the service IFL under VPWS instance is down, the rpd crash might be seen when any changes made to the configuration.
PR Number Synopsis Category: Sflow on qfx10k/ptx series PRs for defect & enhancement req
1521732 Output interface index in SFLOW packet is zero when transit traffic is observed on the IRB interface with VRRP enabled
Product-Group=junos
When VRRP is enabled on IRB interface and SFLOW is enabled on QFX10000 Series platforms, output interface Index in SFLOW packet will be zero for the traffic destined to VRRP MAC address.
PR Number Synopsis Category: Express PFE CoS Features
1531095 The MPLS EXP classifier might not work on QFX10K platforms
Product-Group=junos
On QFX10K platforms, the classification for incoming mpls traffic based on the EXP(experimental) bits might not take into effect, and instead the traffic will get classified based on the default setting, due to which packet loss could be observed.
PR Number Synopsis Category: Express PFE MPLS Features
1515092 The routes update might fail upon the HMC memory issue and traffic impact might be seen.
Product-Group=junos
On PTX Series and QFX Series devices, in rare cases, HMC memory error might cause routes update failure and traffic impact on the Packet Forwarding Engine.
PR Number Synopsis Category: ISIS routing protocol
1482983 The output of the "show isis interface detail" command might be incorrect if wide-metrics-only is enabled for IS-IS and the ASCII representation of the metric in decimal is more than 6 characters long
Product-Group=junos
If 'wide-metrics-only' is enabled for any IS-IS level and a metric configured on the IS-IS enabled interface for that level has ASCII representation in decimal more than 6 characters long, this interface's metric for that level will be merged with 'priority' field value in the output of 'show isis interface detail'.
1526447 The IS-IS LSP database synchronization issue might be seen while using the flood-group feature.
Product-Group=junos
On all Junos platform, when flood-group is configured on interface under isis, if isis LSPs time out and then come up, the device sends only self-generated LSPs and doesn't increment the LSP updates received from neighbor which flapped. This is causing LSP database out of synchronization issue.
PR Number Synopsis Category: jdhcpd daemon
1521227 The DHCP6 lease query is not as expected while verifying the DHCPV6v relay statistics.
Product-Group=junos
DHCPV6_LEASEQUERY counter may not be as expected in "show dhcpv6 relay statistics" output
PR Number Synopsis Category: Adresses ALG issues found in JSF
1535356 The SCCP ALG does not work on SRX Series devices running with Junos OS Release 17.3R1 and onward
Product-Group=junos
On SRX Series devices running with Junos OS Release 17.3R1 and onward, the Skinny Client Control Protocol (SCCP) ALG does not work, which results in SCCP calls failure.
PR Number Synopsis Category: Adresses NAT/NATLIB issues found in JSF
1532249 Need to improve the maximum eNode connections for one persistent NAT binding from 8 to 32.
Product-Group=junos
Improve the max ENODE connections for one persistent NAT binding from 8 to 32
PR Number Synopsis Category: To track issues related to jsf tcp proxy
1502977 A condition within TCP proxy could result in downloads becoming permanently stuck or not completing. TCP proxy is used by multiple services, including Juniper ATP Cloud in block mode, ICAP, SSL proxy, antivirus, content filtering, and antispam.
Product-Group=junos
On SRX5K/SRX4600/SRX4200 and vSRX platforms, TCP-Proxy configuration might result in downloads becoming permanently stuck and/or not completing. TCP-Proxy is used by multiple services, including SkyATP in block mode, ICAP, SSL-Proxy, Anti-Virus, Content Filtering, and Anti-Spam.
PR Number Synopsis Category: all logging related bugs on srx platforms
1521794 On SRX Series devices with chassis clusters, high CPU usage might be seen due to the llmd process.
Product-Group=junos
On SRX Series devices with chassis cluster, high CPU usage might be seen due to the llmd process.
PR Number Synopsis Category: Firewall Policy
1544554 The flowd/srxpfe process might crash when SRX/NFX device running on Junos OS 18.2R1 or above where the unified policy feature is supported
Product-Group=junos
On SRX Series device running on Junos OS 18.2R1 or above, or NFX Series device running on NextGen Junos OS, the unified policy feature is supported, the flowd/srxpfe might crash.
PR Number Synopsis Category: Firewall Module
1521325 The TCP packet might be dropped if syn-proxy protection is enabled.
Product-Group=junos
On SRX series devices, if TCP SYN flood protection is enabled with TCP SYN Proxy and the 3rd and 4th packet from the client arrive at the same time, then it can cause an SEQ error that may break the TCP connection.
PR Number Synopsis Category: IPSEC/IKE VPN
1438311 The Ping-icmp test fails after configuring ECMP routes over multipoint tunnel interface VPNs.
Product-Group=junos
On vSRX3.0 instances, when ECMP routes are configured to load balance over multiple IPSec VPNs connected to a single multipoint tunnel interface, the traffic may not flow. This issue applies to Junos OS Release 19.2R1 and higher releases.
1488087 IPsec tunnel could flap when ESN is enabled
Product-Group=junos
On SRX5000 line of devices, with extended-sequence-number (ESN) configured, the IPsec tunnel might be re-established. This issue could be self-recovered, and traffic loss happens during IPsec tunnel flapping.
PR Number Synopsis Category: PFE infra to support jvision
1547698 SENSOR APP DWORD leak observed during the period of churn for routes bound to Sensor group
Product-Group=junos
SENSOR APP DWORD leak observed during the period of churn for routes bound to Sensor group.Sensor types that are affected are Segment Routing,Segment Routing-TE, LDP and RSVP LSPs.
PR Number Synopsis Category: Platform infra to support jvision
1526568 The MPC10E line card might crash with the sensord process generating a core file due to a timing issue.
Product-Group=junos
If MPC10E is used in MX, the sensord running on PFE is used to stream telemetry data corresponding to CMError config sensor, CMError stats sensor etc. The J-Insight Fault Monitoring is enabled by default and it automatically subscribes to the CMError config sensor. The CMError config sensor is also able to be subscribed via Junos Telemetry Interface (JTI) by external user. In the current implementation, the update event of the CMError config sensor will be periodically sent to sensord with the frequency of 2 seconds even if no configuration change on these sensors. The frequent update of the CMError config sensor might cause the sensord to crash when it is not able to process the large-scale data. It is a timing issue which could happen in a system with a large-scale CMError config sensor leaves.
PR Number Synopsis Category: Kernel MX virtual-chassis PRs
1514583 Fail to forward traffic to VCP FPC after MXVC reboot or FPC rebooted or adding VCP link
Product-Group=junos
When rebooted MXVC or FPC rebooted or adding VCP link, there is timing issue when DEVRT updates coming in before the VCP IFD add messages in some FPCs that caused next hop mis-programming on these specific FPCs. Can check by: request pfe execute command "show jnh 0 vc state 0" target member1-fpcX request pfe execute command "show jnh 0 vc state 1" target member0-fpcX And will see invalid slot id = 255 . And we have to reboot specific to let FPCs next hop programming correct. Per this PR, re-designed Kernel part to parse the VC internal device route message from VCCPD and guarantee that VCP- interface messages are always sent to Ukernel/PFE first, then followed by VC internal device route message.
PR Number Synopsis Category: Label Distribution Protocol
1538124 The rpd process might crash when the LDP route with indirect next hop is deleted on the aggregated Ethernet interface.
Product-Group=junos
If the Label Distribution Protocol (LDP) route with indirect next-hop exists (e.g. LDP egress-policy is used to advertise BGP route into LDP), the rpd might crash when the LDP route is deleted from the AE interface.
PR Number Synopsis Category: Multi Protocol Label Switch OAM
1530382 The "ping mpls rsvp" command does not take into account lower MTU in the path
Product-Group=junos
MPLS ping over rsvp LSP with sweep option is failing to fetch the right MTU.
PR Number Synopsis Category: Fabric Manager for MX
1482124 Fabric healing logic incorrectly makes all MPC line cards go offline in the MX2000 router while the hardware fault is located on one specific MPC line card slot.
Product-Group=junos
In specific MPC hardware failure conditions within the MX2K platform, fabric healing will attempt to auto-heal the fault location in 3 phases to prevent traffic blackholing. If under such fault conditions only destination timeouts are reported without corresponding link errors, the fabric healing process might restart all MPCs in phase-2 in an auto-healing attempt and if the error condition appears again within 10 minutes the last phase-2 might offline all MPCs in the system.
PR Number Synopsis Category: Neo Interface
1541382 With hold time configuration, GE Interfaces remain down on reboot
Product-Group=junos
With hold time configuration, GE Interfaces from MPC cards which use MIC driver (such as MPC2E/3E NG, MPC Type 1, MPC Type 2) may go down.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1518898 The kernel might crash if a file/directory is accessed for the first time and is not created locally.
Product-Group=junos
On the Junos with Virtual Filesystem (VirtFS), if a file/directory is accessed for the first time and is not created locally, the kernel might crash and generate a vmcore file. Junos might reboot due to this issue.
1537696 Errors might be seen when dumping vmcore on EX2300/EX3400 series
Product-Group=junos
On EX2300/EX3400, the vmcore might not be available and the device might hang while trying to generate core files via the rescue kernel. This might be caused by the ARM dumper device supporting only a fixed 512 byte block size, rather than scaling to any block size. This might cause loss of debug ability for the device.
PR Number Synopsis Category: OSPF routing protocol
1525870 The OSPFv3 adjacency should not be established when IPsec authentication is enabled.
Product-Group=junos
On EX4300 platforms, the OSPFv3 configured with IPsec authentication after device reboots, the OSPFv3 adjacency should not be established, while do the same configuration before device reboots, the adjacency should be established.
PR Number Synopsis Category: Used for tracking OVSDB software issues and features
1518807 The vgd process might generate a core file when the OVSDB server restarts.
Product-Group=junos
On all Junos platforms that support OVSDB (Open vSwitch database), the vgd core might get generated when the OVSDB server is restarted. The vgd daemon restart after the core might cause traffic impact. This issue happens when OVSDB server is disconnected and the device (switch/router) sends some updates events to server.
PR Number Synopsis Category: vMX Data Plane Issues
1544856 The riot forwarding daemon crash might be observed on vMX based platforms configured with IRB interface
Product-Group=junos
On vMX based platforms enabled with IRB interface, the riot forwarding daemon crash might be observed which could lead to traffic loss.
PR Number Synopsis Category: PTP related issues.
1527612 The transit PTP packet might be unexpectedly modified when passing through MPC2E-NG/MPC3E-NG/MPC5E
Product-Group=junos
If timestamping the packet at the physical layer (also known as PHY timestamping) is enabled for Precision Time Protocol (PTP), the transit PTP packets passing through the MPC2E-NG/MPC3E-NG/MPC5E might be modified to have huge value in Correction Field of the PTP packet even though there is not PTP port configured on these line cards. If the transit PTP packets are used for synchronizing downstream node, the clock frequency drift could be seen. The current fix in this PR is only applicable for G.8275.1 PTP profile.
PR Number Synopsis Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI
1507044 The archival function might fail in certain conditions.
Product-Group=junos
If the archival function is enabled with the statement "routing-instance" and transfer mode is set as SFTP/SCP for archive-sites, it may not work and fail to transfer the files.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1515487 The 100-Gigabit Ethernet AOC non-breakout port might be auto-channelized to other speed
Product-Group=junos
On QFX5k platform with QFX-5e image, if the 100G port is enabled with auto-channelization (which is by default) and the AOC (Active Optical Cable) non-breakout transceiver is used on it, the 100G port might be detected as breakout and auto-channelized to other speed (e.g. 50G). The interface connection will be impacted.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1508611 The fxpc may crash and restart with a fxpc core file created while installing image through ZTP
Product-Group=junos
On QFX5100/EX4600 Series platforms, the fxpc may crash sometimes while installing an image through ZTP.
1520956 QFX5100: cprod timeout triggers high CPU (100%)
Product-Group=junos
In QFX5100, you might get into a high CPU (CPU running at 100%) situation when a "cprod" command timed out.
PR Number Synopsis Category: QFX L2 PFE
1510629 The output VLAN push might not work.
Product-Group=junos
In the l2circuit termination scenario with input-/output-vlan-map and family ccc, the output-vlan-map push operation might not work. It has a traffic impact.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1512712 Display issue, Virtual Chassis environment, Configured num-65-127-prefix value is shown incorrect for the command O/P "show chassis forwarding-options"
Product-Group=junos
Display issue, In a Virtual Chassis environment, Configured num-65-127-prefix value is shown incorrect for the command O/P "show chassis forwarding-options" for the FPC which is not local (Backup and line card members of the VC)
PR Number Synopsis Category: QFX EVPN / VxLAN
1510794 Multicast traffic loss is observed due to few multicast routes missing in the spine node
Product-Group=junos
In an EVPN-VXLAN scenario with scaled snooping configuration(for example, 100 vlan's with snooping enabled), traffic drops might be observed for multicast groups in few vlan's when "clear bgp sessions" is performed on all Spine devices.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1498377 The route entries might be unstable after being imported into inet6.x RIB via rib-group
Product-Group=junos
When inet6.x (such as 6.1/6.2/6.3, and so on) is used as a non-primary RIB by rib-group, the import function issue might cause the route entries not to be modified correctly for IPv6 format, it might lead the received routes not to be imported successfully into the inet6.x RIB of the routing protocols. Then the network reachability might be impacted.
PR Number Synopsis Category: Resource Reservation Protocol
1524736 The inter-domain LSP with loose next-hops path might get stuck in the Down state.
Product-Group=junos
In the scenario of inter-domain LSP with loose next-hops path, when expanding the loose hop at the Area Border Router (ABR) / Autonomous System Border Router (ASBR), the LSP might not come up properly if the incoming link of the LSP at the ABR/ASBR is an unnumbered interface.
PR Number Synopsis Category: jflow/monitoring services
1517646 The srrd process might crash in a high route churns scenario or if the process flaps.
Product-Group=junos
On all Junos OS platforms with inline Jflow enabled, the sampled route reflector process (srrd) might crash in a scenario where there are high route churns or flaps in the system. This is a rare timing issue and because of the crash, the Jflow export might report older route information for sometime.
PR Number Synopsis Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP)
1482400 The vmcore process crashes sometimes along with the mspmand process on MS-MPC/MS-MIC if large-scale traffic flows are processed
Product-Group=junos
With NAT/Stateful-firewall/TCP tickle (enable by default) configured on MS-MPC/MS-MIC, the vmcore crash sometimes along with mspmand crash might happen if large-scale traffic flows (e.g. million flows) are processed by it.
PR Number Synopsis Category: platform related PRs on SRX branch platforms
1504986 Layer 2 ping is not working with remote MEP.
Product-Group=junos
For sake of there is length judgement for Mbuf structure, so L2 ping frame fails to transmit on some branches.
PR Number Synopsis Category: MX10003/MX204 Platform SW - Chassisd s/w defects
1315577 MX10003 : Despite of having all AC low PEM alarm is raised.
Product-Group=junosvae
An alarm is raised if mixed AC PEMs are present. This occurs because the criteria for checking whether mixed AC is present was changed.
PR Number Synopsis Category: MX10003/MX204 Linux issues (including driver issues)
1492121 MX10003 might shut down itself automatically after system upgrade or downgrade
Product-Group=junosvae
On the MX10003 platform, if we upgrade or downgrade Junos software from a set of original releases to a set of target releases, the system might detect incorrect temperature values and shutdown. The set of the original releases are: Junos 18.2R3, 18.3R3, 18.4R2, 19.1R2, 19.2R1, 19.3R1. The set of the target releases are: Junos pre-18.2R3, pre-18.3R3, pre-18.4R2, pre-19.1R2, pre-19.2R1, and pre-19.3R1 releases
PR Number Synopsis Category: MX10003/MX204 SW - UI specific defects
1529028 The speed command cannot be configured under the interface hierarchy on an extended port when MX204 or MX10003 router works as an aggregation device.
Product-Group=junos
Due to the restriction added via PR 1389918 (fixed in 17.4R3 18.2R2 18.3R2 18.4R1 19.1R1), it is unable to configure the speed knob under interface hierarchy on extended port when MX204 or MX10003 works as aggregation device (AD) in Junos Fusion Provider Edge (JFPE) setup.
PR Number Synopsis Category: ZT/YT PFE l3 forwarding
1529475 The multicast traffic might be dropped due to hash mismatch when there are AE and ECMP links involved in multicast tree
Product-Group=junos
On MX platforms with MPC10 or MPC11 line cards, the multicast traffic over an AE or ECMP interface may be dropped because the hash calculation on the egress line card could be different than on the ingress line card. This could happen if the encapsulation on the egress interface changes a field in the packet that is used in the hash calculation.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1529602 In the subscriber management environment, the RADIUS interim accounting records does not get populated with the subscriber statistics.
Product-Group=junos
In the subscriber management environment, RADIUS interim accounting records are not populated with the subscriber statistics after a system reboot. In this case, the MAC of the routing engine is not learned by the nextgen-stats manager on the PFE.
1539474 The accounting interim-updates for subscriber does not work after GRES and subsequent reboot of FPCs in the node-slicing setup.
Product-Group=junos
On MX with MPC5 and newer card installed, if node slicing and subscriber service are enabled, the radius accounting interim updates may not carry actual statistics after performing GRES of base system (BSYS) and subsequent reboot of FPCs.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1533767 PPE errors seem while processing OSPF multicast packet being sent through EVPN instance
Product-Group=junos
For multicast OSPF packets entering EVPN instance, these packets are being handled as transient packets, flood next-hop structure will be used to forward these packets to remote PE/CE. During the process of packet replication, it might encounter a lookup error causing "HW trap" and lookup thread will stop for this packet. If a packet hits this situation, a PPFE trap along with ttrace will be generated. Similar logs might be seen during such event : [LOG: Err] LUCHIP(0) PPE_1 Errors lmem addr error [LOG: Err] LUCHIP(0) PPE_2 Errors lmem addr error [LOG: Err] LUCHIP(0) PPE_7 Errors lmem addr error [LOG: Err] PPE Thread Timeout Trap: Count 3, PC 601c, 0x601c: set_oif_mtu [LOG: Err] PPE PPE HW Fault Trap: Count 343580, PC 6da, 0x06da: dmac_miss_check_ndp
1533857 FPC crash might be observed when the ASIC's NH memory exhausted in the EVPN-MPLS scenario
Product-Group=junos
On all MX/EX92xx platforms with EVPN-MPLS configured, NH (Next-Hop) memory leak in Trio ASIC happens whenever there is a route churn for remote MAC-IP entries learned bound to the IRB interface in EVPN-MPLS routing-instance. When the ASIC's NH memory partition exhausted (free% NH memory is close to 20% or below), which will result in the line card to reboot.
PR Number Synopsis Category: Issues related to port-mirroring functionality on JUNOS
1542500 Port mirroring with maximum-packet-length configuration does not work over GRE interface
Product-Group=junos
Port mirroring with maximum-packet-length configuration does not work over GRE interface on MX204. While constructing GRE header, the clipping aspect of inner packet was not accounted earlier. If the inner packet is truncated, the outer GRE header packet size must use the new size (clipped size) to calculate the total length of outer header.
PR Number Synopsis Category: Configuration mgmt, ffp, load-action, commit processing
1499265 The commit check might fail when adding a logical interface into a routing-instance, which has no-normalization command enabled under the routing-instances stanza.
Product-Group=junos
The change by PR 1433542 (which is fixed in 18.3R3 18.4R3 19.1R2 19.2R2 19.3R1) causes commit check to fail. This happens when "no-normalization" is configured under a routing-instances stanza for a routing-instance with any of the following interface configuration - "vlan-id all", "vlan-id inner-all", "input-vlan-map", "output-vlan-map", "vlan-id-list", "vlan-id-range", "vlan-tags inner-list", "vlan-tags inner-range".
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1459839 Configuration change might not be applied if the Ephemeral database is used.
Product-Group=junos
If Ephemeral DB is used, configuration change might not be applied on the device. In case of LDP configuration change, it might cause LDP session down hence affects traffic.
PR Number Synopsis Category: Virtual Router Redundancy Protocol
1526851 When SRX receives proxy ARP request on VRRP interface, SRX sends ARP reply with underlying interface MAC address
Product-Group=junos
On SRX Series devices with VRRP scenario, the proxy ARP reply uses interface MAC address instead of VRRP MAC address if the VRRP is configured on some IFL and the proxy-arp is configured on same IFL, traffic loss may occur.
1546635 After VRRP failover VRRP backup router will keep receiving traffic for about 2 minutes
Product-Group=junos
In one scenario when there are three VRRP routers(VRRP priority: R1>R2>R3), with vrrp-inherit-from enabled, the VRRP backup router will keep receiving traffic for about 2 minutes after VRRP failover which will cause traffic drop.
PR Number Synopsis Category: VSRX platform software
1524243 The control link might be broken when there is excessive traffic load on the control link in vSRX cluster deployment.
Product-Group=junosvae
In the vSRX2.0 cluster running on KVM, when there is excessive traffic load on the control link (em0 link), the error message kernel: em0: watchdog timeout on queue 0 might be shown in the syslog. This interruption might cause the cluster control link to fail and dynamic routing protocols not to work properly.
PR Number Synopsis Category: ZT pfe multicast software
1499631 Heap memory leak might be seen on the MPC10 and MPC11 line cards.
Product-Group=junos
On MPC10/MPC11 linecards, under heavy route churn, the aftd-trio process might slowly leak memory.
 

19.3R3-S1 - List of Known issues
PR Number Synopsis Category: SFI Infra-structure
1485038 The following error message is observed continuously in AD with base configurations: IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) failed.
Product-Group=junos
EX 9251 Summit-B54 : "IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) error message is observed continuously in AD with base configurations.
PR Number Synopsis Category: Marvell based EX PFE ACL
1434927 The FPC crashes with pfem generating core file might be seen if large-scale number of firewall filters are configured.
Product-Group=junos
On EX Series switches, If you are configuring a large-scale number of firewall filters on some interfaces, the FPC might crash and generate core files.
PR Number Synopsis Category: Marvell based EX PFE MISC
1232403 HSRPv2 IPV6 packets might get dropped if IGMP-snooping is enabled.
Product-Group=junos
On EX Series switches except EX4300/EX4600/EX9200, an interface is configured for single vlan or multiple vlans, if all these vlans of this interface have igmp-snooping enabled, then this interface will drop HSRPv2 (Hot Standby Router Protocol for IPv6) packets. But if some vlans do not have igmp-snooping enabled, then this interface is working fine.
PR Number Synopsis Category: EX2300/3400 PFE
1462155 The fxpc crashes due to PFEMAN_RT thread and BCM linkscan thread get into a deadlock
Product-Group=junos
In certain conditions, PFEMAN_RT thread and BCM linkscan thread get into a deadlock causing watchdog timeout.
PR Number Synopsis Category: NFX Series Platform Software
1462556 Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669)
Product-Group=junos
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to https://kb.juniper.net/JSA11066 for more information.
PR Number Synopsis Category: QFX PFE L2
1494072 On the QFX5200 line of switches, the MAC learning rate is degraded by 88 percent.
Product-Group=junos
Juniper's qfx-5k products were originally using vendor's SDK handling mac learning. At some point, Juniper introduced its own DMA software for mac learning, which had improved learning rate by 50% or so. As the rest vendor's SDK software advanced over time, the mix of vendor's and Juniper's software had caused some sever mac learning stability issue. Mac learning may be stuck at some conditions. Decision has been made to re-align all software back to vendor's general SDK uniformly. This has solved the stability issue as tested extensively. At the expense, the mac learning rate is cut by about 50%, back to original rate.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1500508 On the QFX5100 Virtual Chassis or Virtual Chassis fan, traffic loss on multiple traffic streams is observed after reboot and the interfaces of the Virtual Chassis node flaps.
Product-Group=junos
On QFX5100 VC/VCF : Observing traffic loss on multiple traffic streams after reboot and flapping the interfaces of the VC node
PR Number Synopsis Category: CoS support on ACX
1522941 The show class-of-service interface command does not show classifier information.
Product-Group=junos
This is a display issue. Due to misread in PFE registers, classifier is not shown in "show class-of-service interface" output
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1516556 The remaining BFD sessions of the aggregated Ethernet interface flap continuously if one of the BFD sessions is deleted.
Product-Group=junos
On QFX10k platforms, if multiple sub-interfaces of the same AE (Aggregated Ethernet) interface are belonged to different routing instances, and these sub-interfaces are configured with the same IP address and configured with separate BFD (Bidirectional Forwarding Detection) sessions, the remaining BFD sessions will flap continuously if one of these BFD sessions is deleted.
1522261 BFD with authentication for BGP flaps after GRES or NSR switchover on the NG-RE and SCBE2 setup.
Product-Group=junos
On the devices with NG-RE (Next Generation Routing Engine) and SCBE2 (Enhanced Switch Control Board), when BFD authentication for BGP is enabled, the BFD may flap after the NG-RE switchover. The switchover should be GRES or NSR switchover. After the flap, the device could be self recovery.
PR Number Synopsis Category: Border Gateway Protocol
1423647 Route churn might be seen after changing the maximum-prefixes configuration from value A to value B.
Product-Group=junos
In BGP setup configured with VPN families (inet-vpn, inet6-vpn, l2vpn, evpn or mvpn), route churn might be seen after changing maximum-prefixes configuration from value A to value B, it causes rpd CPU usage to be hogged for about an hour.
1456260 Packet drop and CPU spike on Routing Engine might be seen in certain conditions if labeled-unicast protection is enabled for a CsC-VRF peer.
Product-Group=junos
On all Junos OS platforms under carrier supporting carrier (CsC) scenario, when PE link protection (labeled-unicast protection) is enabled, after one of the redundant links between CsC-CE flap or RSVP-TE LSP re-route from the primary path happens, it might result in slow convergence issue. Packets drop and CPU spike on the Routing Engine might be seen during this period.
1483097 The BGP RPKI ROA withdrawal might lead to an unexpected BGP route flap.
Product-Group=junos
Originally, when an RPKI RTR server or an RPKI Validator withdraws ROAs they are marked as "stale" and then flushed when the garbage collection timer runs out. For the short period of time, this might result in incorrect validation status. If there's an egress BGP policy which suppresses routes with RPKI status of invalid, the affected prefixes will be withdrawn and then, when the correct route validation status is reclaimed, re-advertised. With the fix, the withdrawn ROAs are deleted from the validation database immediately.
1523075 BGP session with VRRP virtual address used might not come up after a flap
Product-Group=junos
When VRRP virtual address is configured and used to set up a BGP session with the remote side, under rare timing conditions, BGP peer establishment may get rejected repetitively.
PR Number Synopsis Category: Device Configuration Daemon
1539991 The logical interface might flap after adding or deleting native VLAN configuration
Product-Group=junos
On EX/QFX platforms, the unrelated logical interface on a physical interface would flap when adding or deleting native VLAN configuration on the physical interface.
PR Number Synopsis Category: DNX VPLS
1532995 Memory leak is observed in the Local OutLif in the VPLS and CCC topology.
Product-Group=junos
In a VPLS/CCC topology with core link protection when one of the core link flaps or the remote CE flaps "Local OutLif" leak happens. Local OutLif Total entries: 196608 Used entries: 33335 Lowest entry: 0(0x0) /*Initially when vpls is up */ Local OutLif Total entries: 196608 Used entries: 33303 Lowest entry: 0(0x0) /*When VPLS is down*/ Local OutLif Total entries: 196608 Used entries: 33337 Lowest entry: 0(0x0) /*When VPLS is up again*/
PR Number Synopsis Category: Manageability for Node Virtualization
1527322 Dvaita JDM: Commit Error Messages are coming twice while validating physical-cores knob
Product-Group=junosvae
Commit error messages get printed twice while validating physical-cores knob for GNFs.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1535515 All the ARP reply packets towards to some address are flooded across the entire fabric
Product-Group=junos
In the EVPN-VXLAN scenario, if the spine has irb and the leaves don't have irb, and the leaves have multi-home interfaces, the ARP reply packets flooding across the entire fabric might be seen.
PR Number Synopsis Category: Express PFE FW Features
1420560 On the PTX3000 routers, the firewall counter for lo0 does not increment.
Product-Group=junos
Issue will not be fixed in 19.1 release, will be fixed in subsequent releases.
PR Number Synopsis Category: ISIS routing protocol
1458791 Consider the case where the backup nexthop for a route in inet6.3 has all valid labels except for the last label. While it is not possible to install a working backup path in inet6.3, it is possible to install a working backup path for inet6.0. This is because the inet6.0 backup path is derived from the inet6.3 backup path by removing the last label. Removing the last label leaves a label stack with all valid labels. However, the current implementation does not install the inet6.0 backup path.
Product-Group=junos
On all Junos platforms deployed with Topology-Independent Loop-Free Alternate (TI-LFA), if a router advertises a prefix but not a prefix segment identifier (SID), there might be no TI-LFA backup path installed for the route in the routing table inet.0 or inet6.0. Without the protection provided by the TI-LFA backup path, the convergence time might be much longer and therefore cause more traffic loss than expected. The issue would happen whether the routing protocol Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System (IS-IS) is used.
PR Number Synopsis Category: Flow Module
1467654 TCP session cannot time out properly upon receiving the TCP RESET packet, and the session timeout does not change to two seconds.
Product-Group=junos
TCP session cannot time out properly upon receiving the TCP RESET packet, and the session timeout does not change to 2 seconds.
1528898 A chassis cluster node might stop passing traffic.
Product-Group=junos
On SRX platforms, a node of chassis cluster might stop passing traffic. The traffic forwarding can be restored by a manual failover to Node1.
1541954 The rst-invalidate-session configuration does not work if configured together with no-sequence-check.
Product-Group=junos
On SRX Series platforms, the "rst-invalidate-session" does not work if configured together with no-sequence-check. It might result in a TCP connection unestablished.
PR Number Synopsis Category: JSR Infrastructure
1484872 JFlow/IPFix - tracking pr for fixing crash when sampling is more than 65535
Product-Group=junos
There was a crash when setting the sampling rate more than 65535, this is since fixed. set forwarding-options sampling instance s1 input rate 70000
PR Number Synopsis Category: IPSEC/IKE VPN
1522017 The traffic might be dropped when IPSec VPN with NAT-T enabled
Product-Group=junos
On SRX platforms, when IPSec VPN is configured with NAT-T enabled and VPN tunnel is established between two peers, if traffic is received from peer during VPN rekey, the traffic might be dropped in the VPN tunnel.
1530684 On SRX Series devices using IPsec with NAT traversal, MTU size for the external interface might be changed after IPsec SA is reestablished.
Product-Group=junos
On all SRX series devices using IPsec with NAT Traversal, MTU size might be changed to a lower value for the ike external interface after IPSEC SA is re-established.
PR Number Synopsis Category: Layer 2 Control Module
1532992 [xstp] [xstptag] :: EX4300:: PDT :: Complete traffic drop seen on configuring MSTP edge port over access and QinQ ports
Product-Group=junos
In a qinq configuration xSTP should not be enabled on interface having ifls with vlan-id-list configured. If xSTP is enabled on such interface, it will only run on ifl whose vlan-id range includes native-vlan-id configured and all other ifls of this interface will in discarding state. So, user should not enable xSTP on these kind of interfaces. Sample configuration which is not allowed: set interfaces ge-0/0/1 flexible-vlan-tagging set interfaces ge-0/0/1 native-vlan-id 3000 set interfaces ge-0/0/1 encapsulation extended-vlan-bridge set interfaces ge-0/0/1 unit 2000 vlan-id-list 1-200 set interfaces ge-0/0/1 unit 2000 input-vlan-map push set interfaces ge-0/0/1 unit 2000 output-vlan-map pop set vlans csvlan1 interface ge-0/0/1.2000 set protocols mstp interface ge-0/0/1
PR Number Synopsis Category: Layer2 forwarding on EX/NTF/PTX/QFX
1534796 High rate of ARP or NS packets might be observed between a device that runs Junos OS and host when the device that runs Junos OS receives an ARP or NS packet on an interface in transition.
Product-Group=junos
On Junos device in EVPN scenario, if an interface is in transition status and an ARP request is received on the interface from a host, the Junos device may send out re-arp out towards the host, and the host responds to this re-arp and the Junos device sends another re-arp in response to this arp reply from host. This goes forever causing high rate of arp packets until the interface comes up. This issue is also applicable to ND/NS in IPv6 environment.
PR Number Synopsis Category: lacp protocol
1366825 RG1 failover occurs when RG0 failover is triggered
Product-Group=junos
RG1+ which is configured for interface-monitor, might fail over to the other node if RG0 failover is triggered.
PR Number Synopsis Category: lldp sw on MX platform
1538482 DUT did not receive the LLDP packet from phone.
Product-Group=junos
On EX4300 platforms, the LLDP (Link Layer Discovery Protocol) neighborship with the VoIP (Voice over Internet Protocol) phones can't be established when LLDP is configured on the PoE (Power over Ethernet) enabled port on EX4300 and connects to the VoIP Phone.
PR Number Synopsis Category: Multicast for L3VPNs
1546739 MVPN multicast route entry may not be properly updated with actual downstream interfaces list
Product-Group=junos
In multicast VPN RPT-SPT mode with both locally and remotely connected receivers, the multicast forwarding entry related to the actual downstream interfaces may not be properly updated. The issue may happen when multicast forwarding entry is created by locally connected PIM receiver, followed by remote receiver and after local receiver decides to prune its membership in that multicast group.
PR Number Synopsis Category: Jflow and sflow on MX
1487876 Incorrect frame length of 132 bytes might be captured in the packet header.
Product-Group=junos
On all MX/PTX5k/EX platforms with Trio based line cards, if a packet is send with more than 128 bytes it will always show incorrect "Frame length" of 132 bytes in raw packet header of sflow collector captured data.
PR Number Synopsis Category: OSPF routing protocol
1543147 The metric of prefixes in intra-area-prefix LSA might be changed to 65535 when the metric of one of the OSPFv3 p2p interfaces is set to 65535
Product-Group=junos
On all Junos platforms with OSPFv3 configured, when the metric of one of the OSPFv3 p2p interfaces is set to 65535, metrics of some of the prefixes in intra-area-prefixes LSA associated with p2p interface will also be changed to 65535. This issue will cause routes selection issues even traffic loss.
PR Number Synopsis Category: QFX L2 PFE
1475005 The system might stop new MAC learning and impact the Layer 2 traffic forwarding
Product-Group=junos
On QFX platforms, if there are a lot of MAC moves, the system might stop new MAC learning and lots of old MAC addresses might be stuck and couldn't be aged and deleted. Due to this issue, could have impact on layer 2 traffic forwarding and the customer service.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1484440 IRB MAC will not be programmed in hardware when MAC persistence timer expires
Product-Group=junos
On QFX5XXX/EX46XX virtual chassis platforms with GRES, if an IRB interface is configured with members across master and backup REs, and when mac-persistence-timer expires, the new MAC address of the IRB interface might not be programmed in hardware, which might result in failure on protocols and traffic.
PR Number Synopsis Category: KRT Queue issues within RPD
1474965 [LDP] [Redbull] MPC11E: Not all LDP FEC routes are synced to backup RE while scaling routes to 480K
Product-Group=junos
If the LDP is scaled to 480,000 over four interface, the mirror subsystem times out and goes down.
PR Number Synopsis Category: Resource Reservation Protocol
1401800 MPLS LSPs do not revert back on primary path when no-cspf & node/link protection is configure on head-end router/lsp
Product-Group=junos
The default behavior of local reversion has changed from Junos OS Release 16.1 and that impacts the LSPs for which the ingress does not perform make-before-break. Junos OS does not perform make-before-break for no-cspf LSPs.
1516657 RPD scheduler might slip after link flap
Product-Group=junos
On all Junos platforms with RSVP-TE configured, when a transit router carries a large number of LSP's (for example, 60k and higher) and all those LSPs undergo FRR (for example, when link carrying large number of LSP's flap) then, the rpd scheduler might slip and LDP session tear down might be observed after the link flap.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1501014 Traffic to VRRP virtual IP or MAC addresses might be dropped when ingress queuing is enabled.
Product-Group=junos
On MX platforms with any MPC in enhanced network-service mode, if VRRP is configured on AE interface, after 'set chassis fpc X pic X traffic-manager mode ingress-and-egress' is enabled, traffic sent to virtual IP/MAC might be dropped and the forward traffic will be affected.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1452136 The mgd might crash when you use the replace pattern command.
Product-Group=junos
When you use the "replace pattern" command to replace the name in the apply-group, the mgd crashes.
PR Number Synopsis Category: VNID L2-forwarding on Trio
1517591 no-arp-suppression is required for MAC learning across the EVPN domain on the static VTEP.
Product-Group=junos
O On MX Series platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, the Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or proxy ARP role on VTEP might not work properly. This issue might occur when the 'no-arp-suppression' configuration statement is disabled under EVPN instance combined with static VXLAN implementation. Please refer to the workaround provided when this issue hit.
Modification History:
First publication 2020-12-10
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search